pki create

Description                                                    Create a self-signed certificate.

Syntax                                                                  pki create {
certificate cert-name [csr-generate] |
csr 
  {name [renew cert-name] use-mgmt-port url |
  cert-expiration-within days {local | use-mgmt-port url}
}

Commands

Description

create

Creates a self-signed certificate or a certificate signed request (CSR) file.

[certificate certificate-name]

Creates the self-signed certificate. You can specify up to 255 characters in the name.

[csr csr_name]

  {name [renew cert-name] use-mgmt-port url |
  cert-expiration-within days {local | use-mgmt-port url}

 

Creates a certificate signed request (CSR) and allows you to specify a file name. You can specify up to 255 characters in the name.

The following options apply to name:

  name is the name of the CSR file.

  renew allows you to create a CSR file name to renew an expiring certificate.

  use-mgmt-port uses the management interface as the source interface for the connection to the remote device. The management route table is used to reach the device. By default, the ACOS device attempts to use the data route table to reach the remote device through a data interface.

The following options apply to cert-expiration-within:

  days allows you to specify in how many days the certificate will expire. You can select from 0 to 100 days.

  local allows you to save the CSR file on your local drive.

  use-mgmt-port uses the management interface as the source interface for the connection to the remote device. The management route table is used to reach the device. By default, the ACOS device attempts to use the data route table to reach the remote device through a data interface.

url

File transfer protocol, username (if required), and directory path.

You can enter the entire URL on the command line or press Enter to display a prompt for each part of the URL. If you enter the entire URL and a password is required, you will still be prompted for the password. The password can be up to 255 characters long.

To enter the entire URL:

  tftp://host/file

  ftp://[user@]host[:port]/file

  scp://[user@]host/file

  sftp://[user@]host/file

Mode                                                                   Configuration Mode

Usage                                                                  See the description.

Table of Contents

Index

Glossary

-Search-

Back