R3303-HP HSR6800 Routers Security Command Reference
242
Examples
# Specify that the entity requests a certificate from the CA.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] certificate request from ca
certificate request mode
Use certificate request mode to set the certificate request mode.
Use undo certificate request mode to restore the default.
Syntax
certificate request mode { auto [ key-length key-length | password { cipher | simple } password ] * |
manual }
undo certificate request mode
Default
Manual mode is used.
Views
PKI domain view
Default command level
2: System level
Parameters
auto: Requests a certificate in auto mode.
key-length: Specifies the length of the RSA keys in bits. The value range is 512 to 2048, and the default
is 1024.
cipher: Sets a ciphertext password for certificate revocation.
simple: Sets a plaintext password for certificate revocation.
password: Specifies the password string. This argument is case sensitive. If simple is specified, it must be
a string of 1 to 31 characters. If cipher is specified, it must be a ciphertext string of 1 to 73 characters.
manual: Requests a certificate in manual mode.
Usage guidelines
In auto mode, an entity automatically requests a certificate from an RA or CA when it has no certificate.
However, if the certificate will expire or has expired, the entity does not initiate a re-request automatically,
in which case you need to request a new one manually. In manual mode, all operations associated with
certificate request are performed manually.
For security purposes, all passwords, including passwords configured in plain text, are saved in cipher
text to the configuration file.
Examples
# Specify to request a certificate in auto mode.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] certificate request mode auto