Before generating a certificate, make sure the time and date on the ExtremeCloud IQ
clock are accurate. Otherwise, the certificate might be rejected during validation
because the starting date has not occurred or the expiration date has passed.
To support secure wireless client traffic and captive web portal configurations using
HTTPS, ExtremeCloud IQ provides features that enable you to create Certificate
Management objects.
-
Select the plus sign.
-
Create one of the following types of certificates:
- ExtremeCloud IQ CA: Select to generate your own
Certificate Authority (CA) certificate. See Create an ExtremeCloud IQ Certificate of Authority.
- Server CSR: Select to generate a certificate that
consists of three parts used during the verification process. The first
part describes the content of the certificate. The second part contains
the server's public key. The third part consists of the same fields
hashed with the server's message digest, or public key, and then
encrypted with the issuing CA digital signature (the ExtremeCloud IQ CA,
for example) private key. See Create a Server CSR.
- Concatenate an
existing certificate and private key: Select this option
when working with captive web portals. One option in a captive web
portal configuration is to secure wireless client traffic using HTTPS.
The type of web server that an Extreme Networks device supports requires
the server certificate be concatenated with an unencrypted private key
that corresponds with the certificate's public key. You can concatenate
an existing server certificate and private key or generate a new
self-signed server certificate that already has the private key and
certificate concatenated. See Concatenate an Existing Certificate and Private Key.
- Self-signed certificate: Select to generate a new
self-signed server certificate that already has the private key and
certificate concatenated. See Create a Self-signed Certificate.
-
Select Save.
-
You can also import a
certificate or key.