R3303-HP HSR6800 Routers Security Command Reference
256
Examples
# Configure the name of the organization unit to which an entity belongs as group1.
<Sysname> system-view
[Sysname] pki entity 1
[Sysname-pki-entity-1] organization-unit group1
pki certificate access-control-policy
Use pki certificate access-control-policy to create a certificate attribute-based access control policy and
enter its view.
Use undo pki certificate access-control-policy to remove one or all certificate attribute-based access
control policies.
Syntax
pki certificate access-control-policy policy-name
undo pki certificate access-control-policy { policy-name | all }
Default
No access control policy exists by default.
Views
System view
Default command level
2: System level
Parameters
policy-name: Specifies a certificate attribute-based access control policy by its name, a case-insensitive
string of 1 to 16 characters. It cannot be a, al, or all.
all: Specifies all certificate attribute-based access control policies.
Examples
# Configure an access control policy named mypolicy and enter its view.
<Sysname> system-view
[Sysname] pki certificate access-control-policy mypolicy
[Sysname-pki-cert-acp-mypolicy]
pki certificate attribute-group
Use pki certificate attribute-group to create a certificate attribute group and enter its view.
Use undo pki certificate attribute-group to delete one or all certificate attribute groups.
Syntax
pki certificate attribute-group group-name
undo pki certificate attribute-group { group-name | all }
Default
No certificate attribute group exists.