Chapter 35: Public Key Infrastructure (PKI) Certificate Commands
518
CREATE PKI CERTIFICATESyntax
create pki certificate=name keypair=key-id
serialnumber=value [format=der|pem]
subject=”distinguished-name”
Parameters
certificate Specifies a name for the self-signed certificate. The
name can be from one to eight alphanumeric
characters. Spaces are allowed; if included, the name
must be enclosed in double quotes. The
management software automatically adds the “.cer”
extension.
keypair Specifies the ID of the key pair you want to use to
create the certificate.
serialnumber Specifies the serial number for the certificate. The
range is 0 to 2147483647. The default is 0.
format Specifies the type of encoding the certificate will
use. Possible settings are:
der Specifies binary format which
cannot be displayed. This is the
default.
pem Specifies an ASCII-encoded format
that allows the certificate to be
displayed once it is generated.
subject Specifies the distinguished name for the certificate.
The name must be enclosed in quotes.
Description
This command creates a self-signed certificate. You can use the
certificate to add encryption to your web browser management sessions
of the switch. A new self-signed certificate is automatically stored in the
switch’s file system.
Before you can create a self-signed certificate, you must create an
encryption key pair. The certificate will contain the public key of the key
pair. To create a key pair, refer to CREATE PKI CERTIFICATE on page 518.