Chapter 35: Public Key Infrastructure (PKI) Certificate Commands

CREATE PKI CERTIFICATE

Syntax

create pki certificate=name keypair=key-idserialnumber=value [format=derpem] subject=”distinguished-name

Parameters

 

 

certificate

Specifies a name for the self-signed certificate. The

 

name can be from one to eight alphanumeric

 

characters. Spaces are allowed; if included, the name

 

must be enclosed in double quotes. The

 

management software automatically adds the “.cer”

 

extension.

 

keypair

Specifies the ID of the key pair you want to use to

 

create the certificate.

serialnumber

Specifies the serial number for the certificate. The

 

range is 0 to 2147483647. The default is 0.

format

Specifies the type of encoding the certificate will

 

use. Possible settings are:

 

der

Specifies binary format which

 

 

cannot be displayed. This is the

 

 

default.

 

pem

Specifies an ASCII-encoded format

 

 

that allows the certificate to be

 

 

displayed once it is generated.

subject

Specifies the distinguished name for the certificate.

 

The name must be enclosed in quotes.

Description

This command creates a self-signed certificate. You can use the certificate to add encryption to your web browser management sessions of the switch. A new self-signed certificate is automatically stored in the switch’s file system.

Before you can create a self-signed certificate, you must create an encryption key pair. The certificate will contain the public key of the key pair. To create a key pair, refer to CREATE PKI CERTIFICATE on page 518.

518

Page 518
Image 518
Allied Telesis management software layer 2+ fast ethernet switches manual Create PKI Certificate