Managing private keys and certificates 3152 Access the Certificate menu by using the /cfg/cert id> command, where is the certificate number.To install a new certificate, specify an unused certificate number.To replace an installed certificate, specify the installed certificateindex number.To view basic information about all configured certificates,use the /info/certs command. To verify that the currentcertificate number is not in use by an installed certificate, use the/cfg/cert #/show command.3 Import the certificate. Enter the following command:/cfg/cert #/importYou are prompted to enter the certificate and private key importinformation. If the private key has been password protected, youare prompted for the correct password phrase as well. Table 55"Certificate and key import information" (page 315) explains therequired parameters.Table 55Certificate and key import informationParameter DescriptionProtocol The file import protocol. The options are TFTP,FTP, SCP, SFTP. The default is TFTP.Server host nameor IP addressThe host name or IP address of the fileexchange server.File name The name of the file on the file exchangeserver.[FTP user nameand password]For FTP, SCP, and SFTP, the user name andpassword to access the file exchange server.The default is anonymous.For anonymous mode, the Nortel SNAS usesthe following string as the password (for loggingpurposes): admin@.isd.[Pass phrase] If the key is password protected, the passwordphrase specified when the key was created orexported. The password phrase must be atleast four characters in length.4 If the private key was not included in the certificate file, repeatstep 3 to import the key file, then go to step 5.5 Apply the changes.The certificate and private key are now fully installed.Figure 18 "Adding a certificate and private key by importing"(page 316) shows sample output for the /cfg/cert #/importNortel Secure Network Access SwitchUsing the Command Line InterfaceNN47230-100 03.01 Standard28 July 2008Copyright © 2007, 2008 Nortel Networks.