HP FlexNetwork MSR Series Command Reference Manual page 447
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
Character name
Vertical bar
Colon
der: Specifies the DER certificate file format, including PKCS#7.
p12: Specifies the PKCS#12 certificate file format.
pem: Specifies the PEM certificate file format.
all: Specifies both CA and local certificates. The RA certificate is excluded.
ca: Specifies the CA certificate.
local: Specifies the local certificates or the local certificates and their private keys.
passphrase p12-key: Specifies a password for encrypting the private key of a local PKCS12
certificate.
3des-cbc: Specifies 3DES_CBC for encrypting the private key of a local certificate.
aes-128-cbc: Specifies 128-bit AES_CBC for encrypting the private key of a local certificate.
aes-192-cbc: Specifies 192-bit AES_CBC for encrypting the private key of a local certificate.
aes-256-cbc: Specifies 256-bit AES_CBC for encrypting the private key of a local certificate.
des-cbc: Specifies DES_CBC for encrypting the private key of a local certificate.
pem-key: Specifies a password for encrypting the private key of a local certificate in PEM format.
filename filename: Specifies the name of the file for storing the certificate. The file name is a
case-insensitive string. If you do not specify a file name when you export certificates in PEM format,
this command displays the certificates on the monitor screen.
Usage guidelines
When you export the CA certificate, the following conditions might exist:
•
If the PKI domain has only one CA certificate, this command exports the CA certificate to a file
or displays it on the monitor screen.
•
If the PKI domain has a CA certificate chain, this command exports the certificate chain to a file
or displays it on the monitor screen.
When you export a local certificate to a local file, the local file name might be different from the file
name specified in the command. The file name depends on the usage of the key pair contained in the
certificate.
The following example uses certificate as the file name for saving an exported local certificate.
•
If the local certificate contains an RSA signing key pair, the local file name is
certificate-signature.
•
If the local certificate contains an RSA encryption key pair, the local file name is
certificate-encryption.
•
If the local certificate contains a general purpose RSA, ECDSA, or DSA key pair, the local file
name is certificate.
If the PKI domain has two local certificates, the local certificates are exported as follows:
•
If you specify a file name, the two local certificates are exported to two different files.
•
If you do not specify a file name, the local certificates are displayed on the monitor screen,
separated by system prompts.
When you export all certificates, the following conditions might exist:
•
If the PKI domain has only the CA certificate or local certificates, the result is the same as when
you export the CA certificate or local certificates separately.
Symbol
|
:
429
Character name
Quotation marks
Apostrophe
Symbol
"
'
Advertisement
