Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4248FB-ON /S4248FBL-ON
1391139213931394139513961397139813991400
2. Generate a CSR, copy the CSR to a CA server, download the signed certificate, and install the host certificate.
OS10# crypto cert generate request cert-file home://s4048-001-csr.pem
key-file home://tsr6-key.pem cname "Top of Rack 6" altname "IP:10.0.0.6
DNS:tor6.dell.com"
email admin@dell.com organization "Dell EMC" orgunit Networking locality "santa Clara"
state California country US length 1024
Processing certificate ...
Successfully created CSR file /home/admin/tor6-csr.pem and key
OS10# copy home://tor6-csr.pem scp://CAadmin:secret@172.11.222.1/s4048-001-csr.pem
OS10# copy scp://CAadmin:secret@172.11.222.1/s4048-001.crt usb://s4048-001-crt.pem
OS10# crypto cert install crt-file usb://s4048-001-crt.pem key-file usb://s4048-001-
crt.key
This will replace the already installed host certificate.
Do you want to proceed ? [yes/no(default)]:yes
Processing certificate ...
Host certificate installed successfully.
3. Configure an X.509v3 security profile.
OS10# show crypto cert
--------------------------------------
| Installed non-FIPS certificates |
--------------------------------------
s4048-001-csr.pem
--------------------------------------
| Installed FIPS certificates |
--------------------------------------
OS10# config terminal
OS10(config)# crypto security-profile radius-admin
OS10(config-sec-profile)# certificate s4048-001-csr
OS10(config-sec-profile)# exit
4. Configure the RADIUS over TLS server.
OS10# radius-server host 10.0.0.1 tls security-profile radius-admin key radsec
5. Configure RADIUS-based user authentication.
OS10# aaa authentication login default group radius local
X.509v3 commands
certificate
Configures a certificate and private key pair in an application-specific security profile.
Syntax
certificate certificate-name
Parameters certificate-name Enter the name of the certificate-key pair as it appears in the show crypto
certs output without the .pem extension.
Default Not configured
Command mode SEC-PROFILE
Usage
information
Use the certificate command to associate a certificate and private key with a security profile. An
application-specific security profile allows you to change the certificate-key pair used by an OS10
application, such as SmartFabric services, without interrupting the service of other mission-critical
applications.
Security 1397