...
| Блок кода |
|---|
wlc# crypto generate private-key rsa 1024 filename tester.pem Destination file already exists. Do you really want to overwrite it? (y/N): y ..........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ..................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| Scroll Pagebreak |
|---|
...
| Блок кода | ||||
|---|---|---|---|---|
| ||||
wlc# show crypto certificates csr tester.csr
Version: 1
Subject name:
C(countryName): ru
ST(stateOrProvinceName): Novosibirsk_oblast
L(localityName): 4_floor
O(organizationName): ELTEX
OU(organizationalUnitName): wireless
CN(commonName): tester@wlc.root
emailAddress(emailAddress): test@test.com
Signature:
Algorithm: sha256WithRSAEncryption
Value: 32:DE:27:BE:38:E0:B4:1A:BE:57:0C:50:5E:05:D5:9F:3D:ED:
12:EC:27:3F:42:17:3D:36:EC:72:4A:52:AF:0C:C1:FB:6A:CA:
12:27:E7:C2:31:0A:5A:2D:5D:C3:5D:6B:80:6E:86:D1:66:06:
4F:21:AC:A9:40:E7:1F:CC:FD:D0:9B:C4:D7:F0:56:84:19:07:
1E:D4:28:0F:C9:36:26:D6:D1:9F:25:F6:73:04:DB:9A:31:94:
79:BE:8D:8E:97:05:0E:F8:A7:CD:A7:F8:80:6E:E1:A2:7B:D5:
D7:1F:73:8E:D0:C3:2E:F3:D2:EF:87:E0:9A:F8:F3:6B:A6:4D:
E3:6C:5A:B7:6E:2A:61:DE:BF:8E:FB:94:D5:DC:40:15:39:70:
43:AA:9B:B1:76:43:BA:7E:52:FD:46:6F:E3:1B:C0:19:09:86:
6E:71:9B:37:BD:A5:B9:0C:E8:66:4E:8E:DF:E0:9B:70:07:48:
15:CD:6F:8E:80:87:56:89:74:17:9D:C3:D5:2A:92:C4:BB:16:
D9:09:E7:8A:EB:D0:3B:C4:A8:74:92:92:C3:39:40:3D:8E:62:
7D:A7:B6:22:D9:5D:50:5D:BB:CD:B5:0D:47:D2:F6:C1:D6:FF:
FA:18:58:15:A9:52:B1:D3:3C:94:A4:40:4B:15:D1:48:F8:53:
E8:A8:3A:35
Subject Public Key Info:
Algorithm: RSA
Key size: 2048
Exponent: 65537
Modulus: 00:AE:90:97:89:02:4D:49:6F:D7:45:9F:19:8D:4B:F7:30:6B:
5C:DF:FE:2B:D0:E4:85:66:45:2E:2E:98:20:E8:B8:A2:42:29:
C1:1A:A1:44:B4:DD:B1:BE:93:45:1F:0E:7A:A6:A9:C1:5B:D6:
DD:74:4C:E6:DE:D2:B9:12:5A:8F:33:DE:21:64:08:BE:1B:D5:
1B:C2:2C:07:AB:4D:40:3F:87:C7:60:41:EC:9C:48:35:D0:16:
70:DD:A7:28:26:34:A4:54:E4:55:14:72:2A:0A:39:A8:39:E5:
4A:CA:1F:D9:10:4C:7B:BC:BE:F4:08:64:CE:A0:43:7D:FA:EB:
B4:7C:F7:0B:D6:AF:C9:AA:37:B9:9A:10:6F:3D:2F:D7:71:FC:
DB:6C:76:E5:9F:25:DC:80:D6:BB:71:E7:9C:31:42:F8:A3:D4:
67:E3:5D:F8:FB:9A:EF:44:E4:E3:C1:8C:00:23:9D:C0:37:76:
23:9D:B5:B3:C4:45:D7:84:C9:10:4D:26:56:CF:6D:AA:F3:10:
34:AC:C4:AC:7B:7A:CA:D1:BC:D6:D6:84:74:AB:42:FB:AE:56:
EC:26:09:DF:A1:2B:B1:AD:D5:F7:78:8C:89:0D:B1:5F:A9:D1:
23:63:8E:8E:BF:AE:26:F8:EC:39:8A:4C:45:5C:3B:AB:BE:40:
23:7D:73:F2:A7
X509v3 Subject Alternative Name:
Names: IP Address:10.10.10.10
Critical: No
|
| Scroll Pagebreak |
|---|
Генерация сертификата, подписанного CA от RADIUS
...
| Блок кода | ||||
|---|---|---|---|---|
| ||||
radius-server local
nas ap
key ascii-text encrypted 8CB5107EA7005AFF
network 192.168.1.0/24
exit
nas local
key ascii-text encrypted 8CB5107EA7005AFF
network 127.0.0.1/32
exit
domain default
exit
domain wlc.root
user tester
password ascii-text encrypted 8CB5107EA7005AFF
crypto cert tester.crt
exit
exit
virtual-server default
no proxy-mode
auth-port 1812
acct-port 1813
enable
exit
enable
tls mode domain
crypto private-key default_cert_key.pem
crypto cert default_cert.pem
crypto ca default_ca.pem
exit |
| Scroll Pagebreak |
|---|
Установка клиентского сертификата
...
2. Введите пароль. Он соответствует параметру сертификата Password, который вы указали при генерации контейнера на wlc.
| Scroll Pagebreak |
|---|
3. Подтвердите установку пользовательского сертификата.
...
Откройте раздел "Безопасность", выберите метод проверки подлинности "Microsoft: смарт-карта или иной сертификат". Нажмите кнопку "Параметры".
| Scroll Pagebreak |
|---|
...