Brocade OS Command Reference Manual Supporting Fabric OS v6.0.0 (53-1000599-01, October 2007)
544 Fabric OS Command Reference
53-1000599-01
secCertUtil
2
secCertUtil
Manages third-party PKI-based certificates in the switch.
Synopsis seccertutil
Description Use this command to manage third-party certificates in the switch. This command also imports or
exports Certificate Signing Requests from or to remote host using IPV6 addresses and IPV4
addresses.
This command can be used to do the following:
• Generate a public/private key pair.
• Generate a certificate signing request (CSR).
• Delete a CSR.
• List the certificates present in the switch.
• Display the contents of a certificate/CSR.
• Delete a specific certificate.
• Configure SSL certificate file name.
• Enable secure protocols.
Operands The following operands are supported:
delcsr Delete CSR
delete file name Delete certificate
export Export CSR
genkey Generates a public/private key pair. This is the first step for setting up
third-party certificates. The key length can be either 1,024 or 2,048 bits long.
The greater the length of the key, the more secure is the connection; however,
the performance goes down. The keys are generated only after deleting
existing CSR and all other certificates.
delkey Delete public/private key pair.
gencsr Generates a new CSR for the switch. This is second step for setting up
third-party certificates in the switch. To generate a CSR, the admin must
answer a series of questions prompted by this option. Once all questions are
answered, a CSR is generated and placed in a file named ip_address.csr,
where the ip_address is the IP address of the switch.
import [-config cacert] | [-config swcert [-enable https]]
Import a certificate. Use this command to download a certificate issued by a
CA after sending the CSR to the CA. Set imported certificate with the -config
option.
-config swcert Configure SSL certificate filename (optional)
-config cacert Configure CA certificate filename (optional)
-enable https Enable secure https (optional)