beautypg.com

Crypto certificate request – Allied Telesis AT-S95 CLI (AT-8000GS Series) User Manual

Page 366

background image

Page 366

Allied Telesis
AT-8000GS Command Line Interface User’s Guide

Parameters

number — Specifies the certificate number. (Range: 1 - 2)

key-generate — Regenerate the SSL RSA key.

length — Specifies the SSL RSA key length. (Range: 512 - 2048)

string — Passphrase used for exporting the certificate in PKCS12 file format. If unspecified the certificate is

not exportable.

common- name — Specifies the fully qualified URL or IP address of the device. (Range: 1 - 64). If

unspecified, defaults to the lowest static IPv6 address of the device (when the certificate is generated) ,or to
the lowest static IPv4 address of the device if there is no static IPv6 address, or to 0.0.0.0 if there is no static
IP address.

organization — Specifies the organization name. (Range: 1 - 64)

organization-unit — Specifies the organization-unit or department name.(Range: 1 - 64)

location — Specifies the location or city name. (Range: 1 - 64)

state — Specifies the state or province name. (Range: 1 - 64)

country — Specifies the country name. (Range: 2 - 2)

days — Specifies number of days certification is valid. (Range: 30 - 3650)

Default Configuration

The Certificate and SSL’s RSA key pairs do not exist.

If no certificate number is specified, the default certificate number is 1.

If no RSA key length is specified, the default length is 1024.

If no URL or IP address is specified, the default common name is the lowest IP address of the device at the time
that the certificate is generated.

If the number of days is not specified, the default period of time that the certification is valid is 365 days.

Command Mode

Global Configuration mode

User Guidelines

The command is not saved in the device configuration; however, the certificate and keys generated by this
command are saved in the private configuration (which is never displayed to the user or backed up to another
device).

Use this command to generate a self-signed certificate for the device.

If the RSA keys do not exist, parameter key-generate must be used.

Example

The following example regenerates an HTTPS certificate.

crypto certificate request

The crypto certificate request Privileged EXEC mode command generates and displays certificate requests for
HTTPS.

console(config)# crypto certificate 1 generate key-generate

See also other documents in the category Allied Telesis Computer hardware: