Digi IX30 User Manual page 385

Virtual Private Networks (VPN)
a. To enable the creation of a new private key for renewal requests:
(config network scep_client scep_client_name)> renewal new_key true
(config network scep_client scep_client_name)>
b. The use of a client certificate for renewal requests is enabled by default. To disable:
(config network scep_client scep_client_name)> renewal use_client_cert
false
(config network scep_client scep_client_name)>
12. Set the maximum time that the device will poll the SCEP server, when operating in manual
mode:
(config network scep_client scep_client_name)> max_poll_time value
(config network scep_client scep_client_name)>
where value is any number of weeks, days, hours, minutes, or seconds, and takes the format
number{w|d|h|m|s}.
For example, to set max_poll_time to ten minutes, enter either 10m or 600s:
(config network scep_client scep_client_name)> max_poll_time 600s
(config network scep_client scep_client_name)>
The default is 1d.
13. Set the amount of time that the device should wait between polling attempts, when operating
in manual mode:
(config network scep_client scep_client_name)> polling_interval value
(config network scep_client scep_client_name)>
where value is any number of weeks, days, hours, minutes, or seconds, and takes the format
number{w|d|h|m|s}.
For example, to set polling_interval to ten minutes, enter either 10m or 600s:
(config network scep_client scep_client_name)> polling_interval 600s
(config network scep_client scep_client_name)>
The default is 5s.
14. Set the bit size of the private key:
(config network scep_client scep_client_name)> key_length int
(config network scep_client scep_client_name)>
The default is 2048.
15. Set the number of days that the certificate enrollment can be renewed, prior to the request
expiring. This value is configured on the SCEP server, and is used by the IX30 device to
determine when to start attempting to auto-renew an existing certificate. The default is 7.
(config network scep_client scep_client_name)> renewable_time integer
(config network scep_client scep_client_name)>
IX30 User Guide
IPsec
385