beautypg.com

H3C Technologies H3C S6300 Series Switches User Manual

Page 223

background image

208

-----END ENCRYPTED PRIVATE KEY-----

2.

Download the certificate files pkicachain.pem, pkilocal.pem-sign, and pkilocal.pem-encr from

Device A to the host through FTP. (Details not shown.)

3.

Upload the certificate files pkicachain.pem, pkilocal.pem-sign, and pkilocal.pem-encr from the
host to Device B through FTP. (Details not shown.)

4.

Import the certificate files to Device B:
# Disable CRL checking. (You can configure CRL checking as required. This example assumes CRL
checking is not required.)

system-view

[DeviceB] pki domain importdomain

[DeviceB-pki-domain-importdomain] undo crl check enable

# Specify the RSA key pair for signature as sign, and the RSA key pair for encryption as encr for
certificate request.

[DeviceB-pki-domain-importdomain] public-key rsa signature name sign encryption name

encr

[DeviceB-pki-domain-importdomain] quit

# Import the CA certificate file pkicachain.pem in PEM format to the PKI domain.

[DeviceB] pki import domain importdomain pem ca filename pkicachain.pem

# Import the local certificate file pkilocal.pem-signature in PEM format to the PKI domain. The
certificate file contains a key pair.

[DeviceB] pki import domain importdomain pem local filename pkilocal.pem-signature

Please input the password:******

# Import the local certificate file pkilocal.pem-encryption in PEM format to the PKI domain. The
certificate file contains a key pair.

[DeviceB] pki import domain importdomain pem local filename pkilocal.pem-encryption

Please input the password:******

# Display the imported local certificate information on Device B.

[DeviceB] display pki certificate domain importdomain local

Certificate:

Data:

Version: 3 (0x2)

Serial Number:

98:2c:79:ba:5e:8d:97:39:53:00

Signature Algorithm: sha256WithRSAEncryption

Issuer: C=CN, L=shangdi, ST=pukras, O=OpenCA Labs, OU=docm, CN=subca1

Validity

Not Before: May 26 05:56:49 2011 GMT

Not After : Nov 22 05:56:49 2012 GMT

Subject: C=CN, O=OpenCA Labs, OU=Users, CN=subsign 11

Subject Public Key Info:

Public Key Algorithm: rsaEncryption

Public-Key: (1024 bit)

Modulus:

00:9f:6e:2f:f6:cb:3d:08:19:9a:4a:ac:b4:ac:63:

ce:8d:6a:4c:3a:30:19:3c:14:ff:a9:50:04:f5:00:

ee:a3:aa:03:cb:b3:49:c4:f8:ae:55:ee:43:93:69:

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: