Create pki certificate – Allied Telesis AT-S63 User Manual
Page 670

Chapter 39: Public Key Infrastructure (PKI) Certificate Commands
670
Section IX: Management Security
CREATE PKI CERTIFICATE
Syntax
create pki certificate=
name
keypair=
key-id
serialnumber=
value
[format=der|pem]
subject="
distinguished-name
"
Parameters
certificate
Specifies a name for the self-signed certificate. The 
name can be from one to eight alphanumeric 
characters. Spaces are allowed; if included, the name 
must be enclosed in double quotes. The 
management software automatically adds the “.cer” 
extension.
keypair
Specifies the ID of the key pair that you want to use to
create the certificate.
serialnumber
Specifies the serial number for the certificate. The
range is 0 to 2147483647. The default is 0.
format
Specifies the type of encoding the certificate will use. 
The options are:
der
Specifies binary format which cannot 
be displayed. This is the default.
pem
Specifies an ASCII-encoded format 
that allows the certificate to be 
displayed once it is generated.
subject
Specifies the distinguished name for the certificate. 
The name must be enclosed in quotes.
Description
This command creates a self-signed certificate. You can use the certificate 
to add encryption to your web browser management sessions of the 
switch. A new self-signed certificate is automatically stored in the switch’s 
file system.
Before you can create a self-signed certificate, you must create an 
encryption key pair. The certificate will contain the public key of the key 
pair. To create a key pair, refer to “CREATE PKI CERTIFICATE” on 
page 670.
After you have created a new self-signed certificate, you need to load it 
into the certificate database. The switch cannot use the certificate for 
