H3C s3100 series Command Manual page 1117
Hide thumbs
Also See for s3100 series:
- Command manual (1244 pages) ,
- Operation manual (1057 pages) ,
- Installation manual (94 pages)
Table of Contents
Advertisement
root-certificate fingerprint
Syntax
root-certificate fingerprint { md5 | sha1 } string
undo root-certificate fingerprint
View
PKI domain view
Parameters
md5: Uses an MD5 fingerprint.
sha1: Uses a SHA1 fingerprint.
string: Fingerprint to be used. An MD5 fingerprint must be a string of 32 characters in hexadecimal. A
SHA1 fingerprint must be a string of 40 characters in hexadecimal.
Description
Use the root-certificate fingerprint command to configure the fingerprint to be used for verifying the
validity of the CA root certificate.
Use the undo root-certificate fingerprint command to remove the configuration.
By default, no fingerprint is configured for verifying the validity of the CA root certificate.
Examples
# Configure an MD5 fingerprint for verifying the validity of the CA root certificate.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] root-certificate fingerprint md5 12EF53FA355CD23E12EF53FA355CD23E
# Configure a SHA1 fingerprint for verifying the validity of the CA root certificate.
[Sysname-pki-domain-1]
D1526110AAD7527FB093ED7FC037B0B3CDDDAD93
rule (access control policy view)
Syntax
rule [ id ] { deny | permit } group-name
undo rule { id | all }
View
Access control policy view
Parameters
id: Number of the certificate attribute access control rule, in the range 1 to 16. The default is the smallest
unused number in this range.
deny: Indicates that a certificate whose attributes match an attribute rule in the specified attribute group
is considered invalid and denied.
root-certificate
1-22
fingerprint
sha1
- Quick Links:
- Cli Configuration Commands
- Login
Hide quick links:
Advertisement
Chapters
Table of Contents
