Create pki enrollmentrequest, Quest using create pki – Allied Telesis AT-S62 User Manual

Page 372

background image

Chapter 28: Public Key Infrastructure (PKI) Certificate Commands

372

CREATE PKI ENROLLMENTREQUEST

Syntax

create pki enrollmentrequest=”name keypair=key-
id
[format=der|pem] [type=pkcs10]

Parameters

enrollmentrequest

Specifies a filename for the enrollment request.
The filename can be from 1 to 8 alphanumeric
characters. If the name contains spaces, it must be
enclosed in double quotes. The management
software automatically adds the “.csr” extension.

keypair

Specifies the key pair that you want to use to
create the enrollment request.

format

Specifies the type of encoding the certificate
request will use. Possible settings are:

der

Specifies binary format which

cannot be displayed. This is the
default.

pem

Specifies an ASCII-encoded format

that allows the certificate to be
displayed once it is generated.

type

Formats the request according to PKCS #10.

Description

This command creates a certificate enrollment request. You create an
enrollment request when you want a public or private CA to issue a
certificate.

Before you can create an enrollment request, you must create the key
pair that you want the CA to use when creating the certificate. The
enrollment request will contain the public key of the key pair. To create a
key pair, refer to CREATE PKI CERTIFICATE on page 369.

You must also set the system’s distinguished name before using this
command. For a explanation of distinguished names, refer to the
AT-S62 Management Software User’s Guide. To set the distinguished
name, refer to SET SYSTEM DISTINGUISHEDNAME on page 379.