Alcatel-Lucent 7450 System Management Manual page 164

Public Key Infrastructure (PKI) Commands
Note that if there are multiple objects with same type in the input file, only first object will be
extracted and converted.
Default none
Parameters input url-string — Specifies the URL for the input file. This URL could be either a local CF card
output url-string — Specifies the name of output file up to 95 characters in length. The output
type — The type of input file.
format — Specifies the format of input file.
password — Specifies the password to decrypt the input file in case that it is a encrypted PKCS#12
reload
Syntax reload type {cert|key|cert-key-pair} filename [key-file filename]
Context admin>certificate
Description This command reloads imported certificate or key file or both at the same time. This command is typ-
ically used to update certificate/key file without shutting down ipsec-tunne/ipsec-gw/cert-profile/
ca-profile. Note that type cert and type key will be deprecated in a future release. Use type cert-
key-pair instead. Instead of type cert use type key instead.
Page 164
→ PKCS #7 DER encoded
→ PEM
→ DER
URL file or a FP URL to download the input file.
directory depends on the file type like following:
• Key: cf3:\system-pki\key
• Cert: cf3:\system-pki\cert
• CRL: cf3:\system-pki\CRL
Values url-string
local-url
cflash-id
Values cert, key, crl
Values
pkcs12, pkcs7-der, pkcs7-pem, pem, der
file.
• If the new file exists and valid, then for each tunnel using it:
→ If the key matches the certificate, then the new file will be downloaded to the MS-ISA
to be used the next time. Tunnels currently up are not affected.
→ If the key does not match the certificate:
→ If cert and key configuration is used instead of cert-profile then the tunnel will be
brought down.
<local-url> - [99 chars max]
<cflash-id>/<file-path>
cf1:|cf2:|cf3:
7450 ESS System Mangement Guide