Version
Description
9.11.0.0
Introduced the command.
Usage Information
The following RBAC roles are allowed to issue this command:
•
sysadmin
•
secadmin
If the cert-file option is not specified in the command, then the system interactively prompts you to fill in various
fields of the certificate signing request (CSR). You are prompted to fill out some metadata information for the
certificate. The following example shows the fields that you are prompted to fill:
You are about to be asked to enter information that will be incorporated into
your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank.
For some fields there will be a default value; if you enter '.', the field
will be left blank.
-----
Country Name (2 letter code) [US]:
State or Province Name (full name) [Some-State]:California
Locality Name (eg, city) []:San Francisco
Organization Name (eg, company) []:Starfleet Command
Organizational Unit Name (eg, section) []:NCC-1701A
Common Name (eg, YOUR name) [S4810-001]:
Email Address []:[email protected]
You can enter only 256 characters per command. If you have field values that are larger than 256 characters in
length, use the interactive mode of the command.
Related Commands
•
crypto cert install
Installs a trusted certificate on a device.
Syntax
crypto cert install cert-file
cert-path
key-file {
key-path
| private} [password
passphrase
]
Parameters
cert-file
Enter the keyword
cert-file
to specify that the certificate needs to be downloaded.
cert-path
Enter the path where the certificate is locally stored. The path can be a full path or a
relative path. If the system accepts this path, a notification is sent indicating the location
where the certificate file is stored. Following are example of a path that you can specify:
flash://certs/s4810-001-request.crt
and
usbflash:/certs/
s4810-001-cert.pem
NOTE:
Before installing a trusted certificate, you first need to download it
from a remote CA using the copy command.
.
key-file
Enter the keyword
key-file
to specify the private key.
private
Enter the keyword private to specify that the key is stored in a hidden location in the
NVRAM. Only one private key can exist in a hidden location at any given point in time.
key-path
Enter the absolute or relative location on the device where the key is stored.
X.509v3
1735