Chapter 8 Certificate Commands

8.2 Default Values

The following table shows a list of default values.

Table 21 certificates Default Values

VARIABLE

DEFAULT VALUE

port

389

 

 

timeout

20 seconds

 

 

key-length

1024

 

 

8.3 Command Examples

This example creates and displays a self signed certificate named “test” with a subject alternative common name of “cert-test,” organization of “my-company”, country of “TW”, and IP 172.16.1.203. It uses a 512 bit key and is valid for 5 years.

ras> certificates my_cert create self_signed test "CN=cert-test,O=my-

 

company,C=TW;ip=172.16.1.203"

512 5

 

 

The self-signed certificate has

been successfully generated.

 

ras> certificates my_cert list

 

 

 

 

PKI Storage Space in Use: 2%

]

Type [ Subject Name ]

[ Issuer Name ] From [To]

[

Certificate Name

auto_generated_self_signed_cert

*SELF CN=ZyWALL 70 ...

CN=ZyWALL 70...

2000 2030

test

 

 

SELF CN=cert-test,...

CN=cert-test...

2007 2012

--------------------------------------------------------------------------------

Total number of certificates: 2

Legends: NYV - Not Yet Valid, EXPD - Expired, EXPG - Expiring, CERT - Certificate, REQ - Certification Request, SELF - Self-signed Certificate, *SELF - Default Self-signed Certificate

This example displays the certificate that the ZyXEL Device is using as the default self-signed certificate. Then it has the ZyXEL Device use the self signed certificate named “test” as the default self-signed certificate.

ras> certificates my_cert def_self_signed

The default self-signed certificate: auto_generated_self_signed_cert ras> certificates my_cert def_self_signed test

Would you like to make "test" as the default self-signed certificate? (y/n):y ras> certificates my_cert def_self_signed

The default self-signed certificate: test

52

 

DSL & IAD CLI Reference Guide