Deployment Guide
996 Fabric OS Command Reference
53-1003131-01
secCertUtil
2
secCertUtil
Manages certificates on a switch.
SYNOPSIS seccertutil
seccertutil genkey [-nowarn] [-keysize 1024 | 2048]
seccertutil delkey [-nowarn][-all]
seccertutil gencsr [-country country code] [-state state]
[-locality locality] [-org organization]
[-orgunit organization unit] [-cn common name]
seccertutil delcsr [-nowarn]
seccertutil showcsr
seccertutil generate [-fcapall | -commoncertall][-keysize 1024 | 2048]
seccertutil delete [-ldapcacert [certificate name] | -fcapcacert |
-fcapswcert | -fcapall | -commoncertall | certificate name] [-nowarn]
seccertutil export [-ldapcacert [-certname certificate name] |
-fcapswcert | -fcapswcsr | -fcapcacert |
-commonswcert | -commonswcsr | -commoncacert]
[-protocol ftp | scp] [-ipaddr IP address]
[-remotedir remote directory ] [
-login login name]
[-password password]
seccertutil import [-ldapcacert | -fcapswcert |
-fcapcacert | -config cacert | -config swcert [-enable https]
-commonswcert | -commoncacert]
[-protocol ftp | scp] [-ipaddr IP address]
[-remotedir remote directory ] [-certname certificate name]
[-login login name] [-password password]
seccertutil show [-ldapcacert] | [-fcapall] | [-fcapswcert] |
[-commoncertall] | [filename]
DESCRIPTION Use this command to manage third-party certificates on a switch, including Public Key Infrastructure
(PKI) based certificates, Lightweight Directory Access Protocol (LDAP) certificates, and FCAP
certificates. This command also imports or exports Certificate Signing Requests (CSRs) from or to a
remote host. This command supports IPV4 and IPV6 addresses.
Use this command to do the following:
• Generate a public/private key pair.
• Delete a public/private key pair.
• Generate a CSR.
• Delete a CSR.
• List existing certificates on a switch.
• Display the contents of a certificate or CSR.
• Delete a specified certificate.