No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
WLAN AC V200R010C00 Command Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
local-eap-server authentication certificate ca

local-eap-server authentication certificate ca

Function

The local-eap-server authentication certificate ca command configures a CA certificate.

The undo local-eap-server authentication certificate ca command deletes a CA certificate.

By default, no CA certificate is configured.

Format

local-eap-server authentication certificate ca format pem filename filename

undo local-eap-server authentication certificate ca

Parameters

Parameter

Description

Value
format pem

Configures a CA certificate in PEM format.

-
filename filename

Configures a CA certificate with a specified file name.

The value is a string of 1 to 63 characters.

Views

Branch AP group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

In WAN 802.1X authentication escape scenarios, after CAPWAP tunnels between the AC and APs are disconnected, you can initiate 802.1X authentication on the built-in local RADIUS servers of the APs to implement WAN escape. The built-in RADIUS servers of APs support the following EAP authentication protocols: EAP-TLS, EAP-PEAP, and EAP-TTLS. If EAP-TLS is selected, configure a CA certificate, local certificate of the local RADIUS server, and private key of the local RADIUS server.You can run this command to configure a CA certificate. After APs go online, the AC automatically delivers the CA certificate to the APs.

Precautions

  • When a certificate is added to or deleted from an online AP, run the load-authentication-file command to manually deliver the certificate to the AP.
  • If a certificate is being delivered, this command cannot be executed.

Example

# Configure CA certificate caserver.pem.
<AC6605> system-view
[AC6605] wlan 
[AC6605-wlan-view] branch-group name group1
[AC6605-wlan-branch-group-group1] local-eap-server authentication certificate ca format pem filename caserver.pem
Related Topics
Translation
简体中文
Download
Updated: 2021-02-27

Document ID: EDOC1100064351

Views: 3161364

Downloads: 593

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :