H3C Technologies H3C S3600 Series Switches User Manual

1-18

# Specify the entity for certificate request as aaa.

[Switch-pki-domain-torsa] certificate request entity aaa

z

Generate a local key pair using RSA

[Switch] public-key local create rsa

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

It may take a few minutes.

Input the bits in the modulus [default = 1024]:

Generating keys...

........++++++

....................................++++++

.......++++++++

......................++++++++

.

z

Apply for certificates

# Retrieve the CA certificate and save it locally.

[Switch] pki retrieval-certificate ca domain torsa

Retrieving CA/RA certificates. Please wait a while......

The trusted CA's finger print is:

MD5 fingerprint:766C D2C8 9E46 845B 4DCE 439C 1C1F 83AB

SHA1 fingerprint:97E5 DDED AB39 3141 75FB DB5C E7F8 D7D7 7C9B 97B4

Is the finger print correct?(Y/N):y

Saving CA/RA certificates chain, please wait a moment......

CA certificates retrieval success.

# Request a local certificate manually.

[Switch] pki request-certificate domain torsa challenge-word

Certificate is being requested, please wait......

Certificate request Successfully!

Saving the local certificate to device......

Done!

3) Verify your configuration

# Use the following command to view information about the local certificate acquired.

display pki certificate local domain torsa

Certificate:

Data:

Version: 3 (0x2)

Serial Number:

48FA0FD9 00000000 000C

Signature Algorithm: sha1WithRSAEncryption

Issuer:

CN=CA server

Validity

Not Before: Nov 21 12:32:16 2007 GMT

Not After : Nov 21 12:42:16 2008 GMT