32

Certificates

This chapter explains how to use the Certificates.

32.1 Certificates Overview

The NXC can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication.

A Certification Authority (CA) issues certificates and guarantees the identity of each certificate owner. There are commercial certification authorities like CyberTrust or VeriSign and government certification authorities. You can use the NXC to generate certification requests that contain identifying information and public keys and then send the certification requests to a certification authority.

32.2 Certificate Commands

This section describes the commands for configuring certificates.

32.3 Certificates Commands Input Values

The following table explains the values you can input with the certificate commands.

Table 117 Certificates Commands Input Values

LABEL

DESCRIPTION

certificate_name

The name of a certificate. You can use up to 31 alphanumeric and

 

;‘~!@#$%^&()_+[]{}’,.=- characters.

 

 

cn_address

A common name IP address identifies the certificate’s owner. Type the IP

 

address in dotted decimal notation.

 

 

cn_domain_name

A common name domain name identifies the certificate’s owner. The

 

domain name is for identification purposes only and can be any string.

 

The domain name can be up to 255 characters. You can use

 

alphanumeric characters, the hyphen and periods.

 

 

cn_email

A common name e-mail address identifies the certificate’s owner. The e-

 

mail address is for identification purposes only and can be any string.

 

The e-mail address can be up to 63 characters. You can use

 

alphanumeric characters, the hyphen, the @ symbol, periods and the

 

underscore.

 

 

 

203

NXC CLI Reference Guide