Source - HP 5920 Command Reference Manual
Hide thumbs
Also See for 5920:
- Command reference manual (607 pages) ,
- Configuration manual (424 pages) ,
- Fc and fcoe configuration manual (257 pages)
Table of Contents
Advertisement
permit: Permits the certificates that match the associated certificate group.
group-name: Specifies a certificate attribute group, a case-insensitive string of 1 to 31 characters.
Usage guidelines
You can associate a nonexistent certificate attribute group when you create a statement. Later you can
use the pki certificate attribute-group command to create the certificate attribute group.
If the associated certificate attribute group does not exist, or the group has no attribute rules (set by the
attribute command), any certificates can match the statement.
The statements in a policy are sorted in an ascending order. When a certificate matches a statement, the
match process stops, and access control is performed based on the certificate verification result.
Examples
# Create a permit statement and associate the statement with the certificate attribute group mygroup.
<Sysname> system-view
[Sysname] pki certificate access-control-policy mypolicy
[Sysname-pki-cert-acp-mypolicy] rule 1 permit mygroup
Related commands
attribute
•
•
display pki certificate access-control-policy
pki certificate attribute-group
•
source
Use source to specify the source IP address for PKI protocol packets.
Use undo source to remove the configuration.
Syntax
source { ip | ipv6 } { ip-address | interface interface-type interface-number }
undo source
Default
The source IP address is the outgoing interface IP address of the route to the CA.
Views
PKI domain view
Predefined user roles
network-admin
Parameters
ip ip-address: Specifies a source IPv4 address.
ipv6 ip-address: Specifies a source IPv6 address
224
Advertisement
Table of Contents
