PKI commands
The switch supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features,
commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about
FIPS mode, see Security Configuration Guide.
attribute
Use attribute to configure an attribute rule for certificate issuer name, subject name, or alternative subject
name.
Use undo attribute to remove an attribute rule.
Syntax
attribute id { alt-subject-name { fqdn | ip } | { issuer-name | subject-name } { dn | fqdn | ip } } { ctn |
equ | nctn | nequ } attribute-value
undo attribute id
Default
No attribute rule exists.
Views
Certificate attribute group view
Predefined user roles
network-admin
Parameters
id: Specifies a sequence number for the attribute rule, in the range of 1 to 16.
alt-subject-name: Specifies the alternative subject name.
fqdn: Specifies the FQDN of the entity.
ip: Specifies the IP address of the entity.
dn: Specifies the DN of the entity.
issuer-name: Specifies the issuer name.
subject-name: Specifies the subject name.
ctn: Specifies the contain operation.
equ: Specifies the equal operation.
nctn: Specifies the not-contain operation.
171