Before you create and install a certificate:
Certificate Format | Description |
---|---|
PKCS#12 | The PKCS#12 certificate (.pfx) file contains both
a certificate and the corresponding private key. The controller will accept the PKCS#12 file as long as the format of the private key and certificate are valid. |
PEM/DER | The PEM/DER certificate (.crt) file requires a
separate PEM/DER private key (.key) file. The controller uses OpenSSL
PKCS12 command to convert the .crt and .key files into a single .pfx
PKCS#12 certificate file. The controller will accept the PEM/DER file as long as the format of the private key and certificate are valid. |
PEM-formatted CA public certificate file | If you choose to install this optional certificate, you must do so when specifying the PCKCS#12 or PEM/DER certificates. |
Note
When generating the PKCS#12 certificate file or PEM/DER certificate and key files, you must ensure that the interface identified in the certificate corresponds to the controller‘s interface for which the certificate is being installed.The controller generates an entry in the events information log as the certificate expiry date approaches, based on the following schedule: 15, 8, 4, 2, and 1 day prior to expiration. The log messages cease when the certificate expires. For more information, refer to the Extreme Networks ExtremeWireless Maintenance Guide.
Installed certificates will be backed up and restored with the controller configuration data. Installed certificates will also be migrated during an upgrade and during a migration.