Submitting a certificate request in manual mode – H3C Technologies H3C S3600 Series Switches User Manual
Page 1173
1-8
Follow these steps to configure an entity to submit a certificate request in auto mode:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter PKI domain view
pki domain domain-name
—
Set the certificate request
mode to auto
certificate request mode auto
[ key-length key-length |
password { cipher | simple }
password ] *
Required
Manual by default
Submitting a Certificate Request in Manual Mode
In manual mode, you need to retrieve a CA certificate, generate a local RSA key pair, and submit a local
certificate request for an entity.
The goal of retrieving a CA certificate is to verify the authenticity and validity of a local certificate.
Generating an RSA key pair is an important step in certificate request. The key pair includes a public
key and a private key. The private key is kept by the user, while the public key is transferred to the CA
along with some other information.
Follow these steps to submit a certificate request in manual mode:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter PKI domain view
pki domain domain-name
—
Set the certificate request
mode to manual
certificate request mode
manual
Optional
Manual by default
Return to system view
quit
—
Retrieve a CA certificate
manually
Required
Generate a local RSA key pair
public-key local create rsa
Required
No local RSA key pair exists by
default.
Submit a local certificate
request manually
pki request-certificate
domain domain-name
[ password ] [ pkcs10
[ filename filename ] ]
Required