Chapter 8 Certificates Commands

Table 24 Certificates Commands (continued)

COMMAND

DESCRIPTION

M

certificates remote_trusted

Exports the PEM-encoded certificate to your CLI session’s

R+B

export <name>

window for you to copy and paste.

 

certificates remote_trusted

Imports the specified certificate file from the specified remote web

R+B

http_import <url> <name>

server as the device’s trusted remote host. The certificate file

 

[proxy-url]

must be in one of the following formats: 1) Binary X.509, 2) PEM-

 

 

encoded X.509, 3) Binary PKCS#7, and 4) PEM-encoded

 

 

PKCS#7.

 

 

proxy-url: Specifies the location of the certificate to be

 

 

imported.

 

 

 

 

certificates remote_trusted

Imports the specified PEM-encoded remote host certificate from

R+B

import <name>

your CLI session. After you enter the command, copy and paste

 

 

the PEM-encoded certificate into your CLI session window. With

 

 

some terminal emulation software you may need to move your

 

 

mouse around to get the transfer going.

 

 

 

 

certificates remote_trusted

Displays all trusted remote host certificate names and their basic

R+B

list

information.

 

certificates remote_trusted

Renames the specified trusted remote host certificate.

R+B

rename <old-name><new-name>

 

 

certificates remote_trusted

Has the ZyWALL verify the certification path of the specified

R+B

verify <name> [timeout]

trusted remote host certificate.

 

certificates remote_trusted

Displays information about the specified trusted remote host

R+B

view <name>

certificate.

 

8.2 Command Examples

This example creates and displays a self signed certificate named “test” with a subject alternative common name of “cert-test” organization of “my-company”, country of “TW”, and IP 172.16.2.2. It uses a 512 bit key and is valid for 5 years.

ras> certificates my_cert create

self_signed test "CN=cert-test,O=my-

 

company,C=TW;ip=172.16.2.2" 512

5

 

 

The self-signed certificate has

been successfully generated.

 

ras> certificates my_cert list

 

 

 

 

PKI Storage Space in Use: 2%

]

Type [ Subject Name ]

[ Issuer Name ] From [To]

[

Certificate Name

auto_generated_self_signed_cert

*SELF CN=ZyWALL 70 ...

CN=ZyWALL 70...

2000 2030

test

 

 

SELF CN=cert-test,...

CN=cert-test...

2007 2012

--------------------------------------------------------------------------------

Total number of certificates: 2

Legends: NYV - Not Yet Valid, EXPD - Expired, EXPG - Expiring, CERT - Certificate, REQ - Certification Request, SELF - Self-signed Certificate, *SELF - Default Self-signed Certificate

58

 

ZyWALL (ZyNOS) CLI Reference Guide