
D-Link DWS-1008 CLI Manual 223
crypto pkcs12
Unpacks a PKCS#12 object file into the certificate and key storage area on the switch. This object
file contains a public-private key pair, a switch certificate signed by a certificate authority, and the
certificate authority’s certificate.
Syntax: crypto pkcs12 {admin | eap | web} file-location-url
admin Unpacks a PKCS#12 object file for an administrative certificate and key
pair—and optionally the certificate authority’s own certificate—for
authenticating the switch to Web View.
eap Unpacks a PKCS#12 object file for an EAP certificate and key pair—and
optionally the certificate authority’s own certificate—for authenticating the
switch to 802.1X supplicants (clients).
web Unpacks a PKCS#12 object file for a WebAAA certificate and key pair—and
optionally the certificate authority’s own certificate—for authenticating the
switch to WebAAA clients.
file-location-url Location of the PKCS#12 object file to be installed. Specify a location of
between 1 and 128 alphanumeric characters, with no spaces.
Defaults: The password you enter with the crypto otp command must be the same as the one
protecting the PKCS#12 file.
Access: Enabled.
Usage: To use this command, you must have already created a one-time password with the
crypto otp command.
You must also have the PKCS#12 object file available. You can download a PKCS#12 object file
via TFTP from a remote location to the local nonvolatile storage system on the switch.
Examples: The following commands copy a PKCS#12 object file for an EAP certificate and key
pair—and optionally the certificate authority’s own certificate—from a TFTP server to nonvolatile
storage on the switch, create the one-time password hap9iN#ss, and unpack the PKCS#12 file:
DWS-1008# copy tftp:// 2048full.p12
success: received 637 bytes in 0.253 seconds [ 2517 bytes/sec]
DWS-1008# crypto otp eap hap9iN#ss
OTP set
DWS-1008# crypto pkcs12 eap 2048full.p12
Unwrapped from PKCS12 file:
device certificate
CA certificate