The trustpoints utilized by a controller, service platform or access point can be exported to an external resource for archive.
Once a certificate has been generated on the local authentication server, export the self-signed certificate. A digital CA certificate is different from a self-signed certificate. The CA certificate contains the public and private key pairs. The self-signed certificate only contains a public key. Export the self-signed certificate for publication on a Web server or file server for certificate deployment, or export it in to an active directory group policy for automatic root certificate deployment.
Additionally, export the key to a redundant RADIUS server so it can be imported without generating a second key. If there's more than one RADIUS authentication server, export the certificate and do not generate a second key unless you want to deploy two root certificates.
Use this procedure to export trustpoints.
and configure
the parameters as described in Export Trustpoint Parameters.
| Trustpoint Name | Enter the name (up to 32 characters) assigned to the trustpoint. The trustpoint signing the certificate can be a certificate authority, a corporation, or an individual. |
| Path/File | Specify the path to the signed trustpoint file. Enter the complete relative path to the file on the server. |