Dell POWEREDGE M1000E User Manual
Page 926
898
Fabric OS Command Reference
53-1002746-01
secCertUtil
2
•
Import or export a certificate.
•
Configure a SSL certificate file name.
•
Enable secure protocols.
This command takes an action and associated arguments. If only an action is specified, this command
prompts interactively for input values of the associated arguments. The command runs noninteractively
when the arguments associated with a given action are specified on the command line. When invoked
without operands, this command displays the usage.
This command is also supported in Access Gateway mode, for FCAP authentication between AG and
the switch.
NOTES
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
Before you import a certificate from Windows system, convert the certificate to a Unix file format with the
dos2unix utility.
OPERANDS
This command has the following operands:
genkey
Generates a public/private key pair. This is the first step in setting up a third-party
certificate. The following operands are optional; when omitted, the command
prompts interactively for input values to these operands.
-keysize 1024 | 2048
Specifies the size of the key. Valid values are 1024 or 2048 bits. The greater the
value, the more secure is the connection; however, performance degrades with
size. The keys are generated only after all existing CSRs and certificates have
been deleted.
-nowarn
Specifies that no warning is given when overwriting or deleting data. If this
operand is omitted, the command prompts for confirmation before existing CSRs
and certificates are deleted.
delkey
Deletes all public/private key pairs with the exception of Encryption-related
certificates and key pairs. This command prompts for confirmation unless
-nowarn is specified.
-nowarn
Executes the delete operation without confirmation.
-all
Deletes all public/private key pairs including Encryption-related certificates and
key pairs.
gencsr
Generates a new CSR for the switch. This is the second step in setting up a
third-party certificate. The following operands are optional; if omitted, the
command prompts for answers to a series of questions. If only one or a few
operands are specified. the command prompts for input to the remaining
questions. When all questions are answered, a CSR is generated and placed in a
file named ip_address.csr, where ip_address is the IP address of the switch.
-country country code
Specifies the country. Provide a two-letter country code, for example, US.
-state state
Specifies the state. Provide the full name, for example, California. If the state
consists of multiple words, it must be enclosed in double quotes.