Ca Identifier; Certificate Request Entity - HP 5120 SI series Command Reference Manual
Hide thumbs
Also See for 5120 SI series:
- Security configuration manual (385 pages) ,
- Installation manual (48 pages) ,
- Specification (33 pages)
Table of Contents
Advertisement
The attribute of the alternative certificate subject name does not appear as a distinguished name, and
therefore the dn keyword is not available for the attribute.
Examples
# Create a certificate attribute rule, specifying that the DN in the subject name includes the string of abc.
<Sysname> system-view
[Sysname] pki certificate attribute-group mygroup
[Sysname-pki-cert-attribute-group-mygroup] attribute 1 subject-name dn ctn abc
# Create a certificate attribute rule, specifying that the FQDN in the issuer name cannot be the string of
abc.
[Sysname-pki-cert-attribute-group-mygroup] attribute 2 issuer-name fqdn nequ abc
# Create a certificate attribute rule, specifying that the IP address in the alternative subject name cannot
be 10.0.0.1.
[Sysname-pki-cert-attribute-group-mygroup] attribute 3 alt-subject-name ip nequ 10.0.0.1
ca identifier
Syntax
ca identifier name
undo ca identifier
View
PKI domain view
Default level
2: System level
Parameters
name: Specifies a trusted CA name, a case-insensitive string of 1 to 63 characters.
Description
Use the ca identifier command to specify the trusted CA and bind the device with the CA.
Use the undo ca identifier command to remove the configuration.
By default, no trusted CA is specified for a PKI domain.
Certificate request, retrieval, revocation, and query all depend on the trusted CA.
Examples
# Specify the trusted CA as new-ca.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] ca identifier new-ca
certificate request entity
Syntax
certificate request entity entity-name
undo certificate request entity
215
- Quick Links:
- Command Reference
Hide quick links:
Advertisement
Table of Contents
