297.Managing certificatesThis chapter includes the following topics:Topic“Overview” (page 297)“Key and certificate formats” (page 298)“Creating certificates” (page 299)“Installing certificates and keys” (page 299)“Saving or exporting certificates and keys” (page 300)“Updating certificates” (page 300)“Managing private keys and certificates” (page 301)“Roadmap of certificate management commands” (page 301)“Managing and viewing certificates and keys” (page 302)“Generating and submitting a CSR” (page 305)“Adding a certificate to the Nortel SNAS ” (page 310)“Adding a private key to the Nortel SNAS ” (page 312)“Importing certificates and keys into the Nortel SNAS ” (page 314)“Displaying or saving a certificate and key” (page 316)“Exporting a certificate and key from the Nortel SNAS ” (page 318)“Generating a test certificate” (page 320)Overview To use the encryption capabilities of the Nortel SNAS, you must add a keyand certificate that conforms to the X.509 standard.The key and certificate apply to the cluster. It does not matter whetheryou connect to the Management IP address (MIP) or Real IP address(RIP) of a Nortel SNAS device in order to manage Secure Socket Layer(SSL) certificates. When you add a key and certificate to one Nortel SNASdevice in the cluster, the information is automatically propagated to allother devices in the cluster.Nortel Secure Network Access SwitchUsing the Command Line InterfaceNN47230-100 03.01 Standard28 July 2008Copyright © 2007, 2008 Nortel Networks.