HP VPN Firewall Appliances VPN Command Reference
120
Certificate management commands
attribute
Use attribute to configure the attribute rules of the certificate issuer name, certificate subject name and
alternative certificate subject name.
Use undo attribute to delete the attribute rules of one or all certificates.
Syntax
attribute id { alt-subject-name { fqdn | ip } | { issuer-name | subject-name } { dn | fqdn | ip } } { ctn |
equ | nctn | nequ} attribute-value
undo attribute { id | all }
Default
No restriction exists on the issuer name, subject name, and alternative subject name of a certificate.
Views
Certificate attribute group view
Default command level
2: System level
Parameters
id: Sequence number of the certificate attribute rule, in the range of 1 to 16.
alt-subject-name: Specifies the name of the alternative certificate subject.
fqdn: Specifies the FQDN of the entity.
ip: Specifies the IP address of the entity.
issuer-name: Specifies the name of the certificate issuer.
subject-name: Specifies the name of the certificate subject.
dn: Specifies the distinguished name of the entity.
ctn: Specifies the contain operation.
equ: Specifies the equal operation.
nctn: Specifies the not-contain operation.
nequ: Specifies the not-equal operation.
attribute-value: Value of the certificate attribute, a case-insensitive string of 1 to 128 characters.
all: Specifies all certificate attributes.
Usage guidelines
The attribute of the alternative certificate subject name does not appear as a distinguished name, and
therefore the dn keyword is not available for the attribute.