Create pki enrollmentrequest, Quest using “create pki – Allied Telesis AT-S63 User Manual

Page 779

background image

AT-S63 Management Software Command Line User’s Guide

Section IX: Management Security

779

CREATE PKI ENROLLMENTREQUEST

Syntax

create pki enrollmentrequest="

name

"

keypair=

key-id

[format=der|pem] [type=pkcs10]

Parameters

enrollmentrequest

Specifies a filename for the enrollment request. The
filename can be from 1 to 8 alphanumeric
characters. If the name contains spaces, it must be
enclosed in double quotes. The management
software automatically adds the “.csr” extension.

keypair

Specifies the key pair that you want to use to create
the enrollment request.

format

Specifies the type of encoding the certificate
request will use. The options are:

der

Specifies binary format which cannot

be displayed. This is the default.

pem

Specifies an ASCII-encoded format

that allows the certificate to be
displayed once it is generated.

type

Formats the request according to PKCS #10.

Description

This command creates a certificate enrollment request. You create an
enrollment request when you want a public or private CA to issue a
certificate.

Before you can create an enrollment request, you must create the key pair
that you want the CA to use when creating the certificate. The enrollment
request will contain the public key of the key pair. To create a key pair,
refer to “CREATE PKI CERTIFICATE” on page 776.

You must also set the system’s distinguished name before using this
command. To set the distinguished name, refer to “SET SYSTEM
DISTINGUISHEDNAME” on page 786
.

Note

For a review of the steps to configuring the web server for a CA
certificate, refer to “SET HTTP SERVER” on page 759.