Cryptography Commands 487Nortel WLAN—Security Switch 2300 Series Command Line ReferenceDefaults None.Access Enabled.HistoryUsage The password allows the public-private key pair and certificate to be installed together from the samePKCS #12 object file. WSS Software erases the one-time password after processing the crypto pkcs12command or when you reboot the WSS.Nortel recommends that you create a password that is memorable to you but is not subject to easy guesses or a dictionaryattack. For best results, create a password of alphanumeric uppercase and lowercase characters.Examples The following command creates the one-time password hap9iN#ss for installing an EAPcertificate and key pair:WSS# crypto generate otp eap hap9iN#ssOTP setSee Also crypto pkcs12 on page 477crypto pkcs12Unpacks a PKCS #12 object file into the certificate and key storage area on the WSS. This object file contains a public-private key pair, a WSS certificate signed by a certificate authority, and the certificate authority’s certificate.Syntax crypto pkcs12 {admin | eap | web} file-location-urlone-time-password Password of at least 1 alphanumeric character, with no spaces, forclients other than Microsoft Windows clients. The password mustbe the same as the password protecting the PKCS #12 object file.Note: On a WSS that handles communications to and fromMicrosoft Windows clients, use a one-time password of31 characters or fewer.The following characters cannot be used as part of the one-timepassword of a PKCS #12 file:• Quotation marks (“ ”)• Question mark (?)• Ampersand (&)Version 4.1 webaaa option renamed to webadmin Unpacks a PKCS #12 object file for an administrative certificateand key pair—and optionally the certificate authority’s owncertificate—for authenticating the WSS to WLAN ManagementSoftware or Web View.eap Unpacks a PKCS #12 object file for an EAP certificate and keypair—and optionally the certificate authority’s own certificate—forauthenticating the WSS to 802.1X supplicants (clients).