CA Identity Mode Commands
14-86 Configuring the VPN
Mode
CertificateAuthorityIdentityconfiguration:XSR(ca-identity)#
Example
ThefollowingexamplesetstheCRLtoberetrievedforfivehours:
XSR(config)#crypto ca identity ACMEca
XSR(ca-identify)crl frequency 300

enrollment http-proxy

ThiscommandspecifiesthelocalHTTPproxyservernameandport.
Syntax
enrollment http-proxy hostname port_#
Syntax of the “no” Form
Thenoformofthiscommandclearstheproxyserversetting:
no enrollment http-proxy
Mode
CertificateAuthorityIdentityconfiguration:XSR(ca-identity)#
Example
ThefollowingexamplesetstheHTTPproxyserverIPaddressandport#:
XSR(config)#crypto ca identity ACMEca
XSR(ca-identity)#enrollment http-proxy 192.168.57.9 999

enrollment retry count

ThiscommandspecifieshowmanytimestheXSRresendsacertificaterequestwhenitdoesnot
receiveacertificatefromtheCertificateAuthority(CA)fromthepreviousrequest.
Syntax
enrollment retry count number
hostname TheURLofthelocalHTTPproxyserver,whichistheproxyserverʹsIPaddress.
port_# HTTPProxyserverportnumber,rangingfrom1to10,000.
number AttemptstheXSRwillmaketoresendacertificaterequesttotheCA
whilewaitingonanoriginalrequest.Range:1to100.