Create pki certificate – Allied Telesis AT-S63 User Manual

Chapter 37: Public Key Infrastructure (PKI) Certificate Commands

624

Section VIII: Management Security

CREATE PKI CERTIFICATE

Syntax

create pki certificate=

name

keypair=

key-id

serialnumber=

value

[format=der|pem]

subject="

distinguished-name

"

Parameters

certificate

Specifies a name for the self-signed certificate. The
name can be from one to eight alphanumeric
characters. Spaces are allowed; if included, the name
must be enclosed in double quotes. The
management software automatically adds the “.cer”
extension.

keypair

Specifies the ID of the key pair that you want to use to

create the certificate.

serialnumber

Specifies the serial number for the certificate. The

range is 0 to 2147483647. The default is 0.

format

Specifies the type of encoding the certificate will use.
The options are:

der

Specifies binary format which cannot
be displayed. This is the default.

pem

Specifies an ASCII-encoded format
that allows the certificate to be
displayed once it is generated.

subject

Specifies the distinguished name for the certificate.
The name must be enclosed in quotes.

Description

This command creates a self-signed certificate. You can use the certificate
to add encryption to your web browser management sessions of the
switch. A new self-signed certificate is automatically stored in the switch’s
file system.

Before you can create a self-signed certificate, you must create an
encryption key pair. The certificate will contain the public key of the key
pair. To create a key pair, refer to “CREATE PKI CERTIFICATE” on
page 624.

After you have created a new self-signed certificate, you need to load it
into the certificate database. The switch cannot use the certificate for