User Manual

ManualsBrandsYamaha ManualsProfessional AudioL2 Switch

281

282

283

284

285

286

287

288

289

290

Authentication method Characters that can be inputted

EAP-MD5, EAP-TTLS, PEAP, PAP

Single-byte alphanumeric characters and

symbols other than the characters \ [ ] " ? and

spaces

EAP-TLS

Single-byte alphanumeric characters and

symbols other than the characters \ [ ] / : * | < >

" ? and spaces

[Input mode]

privileged EXEC mode

[Description]

This issues client certificates to users for which the EAP-TLS certification method is specified.

If the user ID is omitted, client certificates will be sent for all users who meet the following conditions.

• Users to whom a client certificate has never been issued

• Users whose passwords or client certificate’s term of validity has been changed

• Users whose authentication method has been changed to EAP-TLS

This automatically revokes the client certificates for users whose authentication methods have been changed from EAP-TLS to

a method other than EAP-TLS.

When the “mail” keyword is specified, this sends a client certificate to the e-mail address set using the user command.

The e-mail subject and body text follow the e-mail settings template (mail send certificate command) used when the certificate

was sent.

E-mails cannot be sent if an e-mail address has not been set.

[Note]

Up to two client certificates may be issued per user. If two or more client certificates are issued, the older ones will be revoked.

As bulk issuance of client certificates takes time, this is performed in the background, and other commands may be executed

while the certificates are being issued.

However, note that the following commands may not be executed due to restrictions.

• crypto pki generate ca

• no crypto pki generate ca

• nas

• user

• certificate user

• certificate mail user

• certificate revoke

• certificate export sd

• copy radius-server local

[Example]

Bulk issuance of client certificates.

SWR2310#certificate user

10.1.11 Aborting the issue of a client certificate

[Syntax]

certificate abort

[Input mode]

privileged EXEC mode

[Description]

This aborts the bulk issuance of client certificates.

The issuance of client certificates can be restarted by executing the certificate user command once more.

[Example]

Aborts the bulk issuance of client certificates.

SWR2310#certificate abort

290 | Command Reference | Application