Motorola AP-51XX User Manual
Page 107
System Configuration
4-15
certificate. A browser must contain this CA certificate in its Trusted Root Library so it can trust
certificates “signed” by the CA's private key.
Depending on the public key infrastructure, the digital certificate includes the owner's public key, the
certificate expiration date, the owner's name and other public key owner information.
The access point can import and maintain a set of CA certificates to use as an authentication option
for Virtual Private Network (VPN) access. To use the certificate for a VPN tunnel, define a tunnel and
select the IKE settings to use either RSA or DES certificates. For additional information on configuring
VPN tunnels, see
Configuring VPN Tunnels on page 6-36
.
Refer to your network administrator to obtain a CA certificate to import into the access point.
To import a CA certificate:
1.
Select
System Configuration
->
Certificate Mgmt
->
CA Certificates
from the menu
tree.
CAUTION Loaded and signed CA certificates will be lost when changing the
access point’s firmware version using either the GUI or CLI. After a
certificate has been successfully loaded, export it to a secure location
to ensure its availability after a firmware update.
If restoring the access point’s factory default firmware, you must
export the certificate file BEFORE restoring the access point’s factory
default configuration. Import the file back after the updated firmware
is installed. For information on using the access point CLI to import
and export the access point’s configuration, see
AP51xx>admin(system.cmgr)> impcert on page 8-167
and
AP51xx>admin(system.cmgr)> expcert on page 8-166
NOTE
Verify the access point device time is synchronized with an NTP server
before importing a certificate to avoid issues with conflicting date/time
stamps. For more information, see
Configuring Network Time Protocol
!