Alcatel-Lucent 7450 System Management Manual page 154

Public Key Infrastructure (PKI) Commands
Default
none
key-list
Syntax cmp-key-list
Context config>system>security>pki>ca-profile>cmp2
Description This command enables the context to configure pre-shared key list parameters.
key
Syntax key password [hash|hash2] reference reference-number
no key reference reference-number
Context config>system>security>pki>ca-profile>cmp2>key-list
Description
This command specifies a pre-shared key used for CMPv2 initial registration. Multiples of key com-
mands are allowed to be configured under this context.
The password and reference-number is distributed by the CA via out-of-band means.
The configured password is stored in configuration file in an encrypted form by using SR OS hash2
algorithm.
The no form of the command removes the parameters from the configuration.
Default none
Parameters
password — Specifies a printable ASCII string, up to 64 characters in length.
hash — Specifies that the given password is already hashed using hashing algorithm version 1. A
hash2 — Specifies that the given password is already hashed using hashing algorithm version 2. A
reference reference-number — Specifies a printable ASCII string, up to 64 characters in length.
url
Syntax cmp-url url-string [service-id service-id]
no cmp-url
Context config>system>security>pki>ca-profile>cmp2
Description This command specifies HTTP URL of the CMPv2 server. The URL must be unique across all con-
figured ca-profiles.
Page 154
semantic check is performed on the given password field to verify if it is a valid hash 1 key to
store in the database.
semantic check is performed on the given password field to verify if it is a valid hash 2 key to
store in the database.
7450 ESS System Mangement Guide