398 CHAPTER 13: CRYPTOGRAPHY COMMANDS
■ admin — Creates a one-time password for installing a PKCS #12
object file for an administrative certificate and key pair—and
optionally the certificate authority’s own certificate—to authenticate
the WX switch to 3WXM or Web Manager.
■ eap — Creates a one-time password for installing a PKCS #12 object
file for an EAP certificate and key pair—and optionally the certificate
authority’s own certificate—to authenticate the WX switch to 802.1X
supplicants (clients).
■ webaaa — Creates a one-time password for installing a PKCS #12
object file for a Web AAA certificate and key pair—and optionally the
certificate authority’s own certificate—to authenticate the WX switch
to Web AAA clients.
■ one-time-password — Password of at least 1 alphanumeric
character, with no spaces, for clients other than Microsoft Windows
clients. The password must be the same as the password protecting
the PKCS #12 object file.
Note: On an WX switch that handles communications to and from
Microsoft Windows clients, use a one-time password of 31 characters
or fewer.
The following characters cannot be used as part of the one-time
password of a PKCS #12 file:
■ Quotation marks (“ ”)
■ Question mark (?)
■ Ampersand (&)
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — The password allows the public-private key pair and certificate
to be installed together from the same PKCS #12 object file. MSS erases
the one-time password after processing the crypto pkcs12 command or
when you reboot the WX switch.
3Com recommends that you create a password that is memorable to you
but is not subject to easy guesses or a dictionary attack. For best results,
create a password of alphanumeric uppercase and lowercase characters.
