90 Configuring a 2370, 2360, or 2380 Switch for Basic Service320656-AInstalling a CertificateTo manage a WSS, WLAN Management Software or a Web browser using Web View must be able to authen-ticate the switch and establish an encrypted session to it. This requires the switch to have a server certificate.Use one of the following methods to enable secure communication between WLAN Management Software orWeb View and a WSS:• Generate a self-signed certificate on the switch.(See “Generating a Self-Signed Certificate” on page 90.)• Alternatively, request a certificate for the WSS from a CA and install the certificate into the switch alongwith the CA’s own certificate.(See “Installing a Certificate Assigned by a Certificate Authority” on page 91 and “Installing aCertificate Authority’s Certificate” on page 93.)Generating a Self-Signed CertificateAs an alternative to using a certificate assigned by a CA, you can generate a self-signed certificate on theWSS. To use a self-signed certificate generated by the WSS, use the following commands:crypto generate key admin {512 | 1024 | 2048}crypto generate self-signed adminThe following commands generate a public-private key pair and a self-signed certificate:2370# crypto generate key admin 1024key pair generated2370# crypto generate self-signed adminCountry Name:State Name:Locality Name:Organizational Name:Organizational Unit:Common Name: mx1@example.comEmail Address:Unstructured Name:Self-signed cert for admin is-----BEGIN CERTIFICATE-----MIICUzCCAbygAwIBAgICA+cwDQYJKoZIhvcNAQEEBQAwNjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRowGAYDVQQDFBF0ZWNocHVic0B0cnB6LmNvbTAeFw0wMzA0...Lm8wmVYLxP56MpCUAm9O8C2foYgOY40=-----END CERTIFICATE-----The common name is required. The other fields are optional. Use a common name that uniquely identifies theWSS. Use a fully qualified name if such names are supported on your network.