Chapter 35: Public Key Infrastructure (PKI) Certificate Commands

Note

For a review of all the steps to configuring the web server for a CA certificate, refer to SET HTTP SERVER on page 500.

The ENROLLMENTREQUEST parameter specifies a filename for the request. The filename can contain from 1 to 8 alphanumeric characters. If spaces are used, the name must be enclosed in quotes. The management software automatically adds the “.csr” extension. This is the filename under which the request will be stored in the file system.

The KEYPAIR parameter specifies the key that you want to use to create the enrollment request. The public key of the pair is incorporated into the request.

The FORMAT parameter specifies the type of encoding format for the request. DER specifies that the enrollment request should be written straight to the binary file. PEM specifies that the enrollment request should be encoded using the “Privacy Enhanced Mail” format. The default is DER. This parameter is only valid for manual enrollment.

The TYPE parameter specifies the type of request. The only option is

PKCS10.

You do not need to use the SAVE CONFIGURATION command after you create an enrollment request. The file is permanently saved in the file system until you manually delete it.

Examples

The following command creates an enrollment request. It names the enrollment request file “Switch12” and uses the key pair with the ID 4 to generate the request:

create pki enrollmentrequest=Switch12 keypair=4

522

Page 522
Image 522
Allied Telesis management software layer 2+ fast ethernet switches PKCS10, Create pki enrollmentrequest=Switch12 keypair=4