Deployment Guide
1004 Fabric OS Command Reference
53-1003131-01
secCertUtil
2
To export an FCAP switch CSR in interactive mode:
switch:admin> seccertutil export -fcapswcsr
Select protocol [ftp or scp]: scp
Enter IP address: 10.32.2.25
Enter remote directory: /users/myname/OPENSSL
Enter Login Name: myname
myname@10.32.2.25's password:
Success: exported FCAP switch CSR
To delete an LDAP CA certificate in interactive mode:
switch:admin> seccertutil delete -ldapcacert filename.pem
WARNING!!!
About to delete certificate: filename.cer
ARE YOU SURE (yes, y, no, n): [no] y
Deleted LDAP certificate successfully
To delete an LDAP CA certificate in noninteractive mode:
switch:admin> seccertutil delete -ldapcacert filename.pem
Deleted LDAP certificate successfully
To delete all FCAP PKI objects:
switch:admin> seccertutil delete -fcapall
WARNING!!!
About to delete FCAP-Files:
ARE YOU SURE (yes, y, no, n): [no] y
To generate FCAP PKI objects:
switch:admin> seccertutil generate \
-fcapall -keysize 1024
Generating a new key pair will automatically
do the following:
1. Delete all existing CSRs.
2. Delete existing switch certificate.
3. Reset the certificate filename to none.
Continue (yes, y, no, n): [no] y
Installing Private Key and Csr...
Switch key pair and CSR generated...
To display the FCAP PKI objects:
switch:admin> seccertutil show -fcapall
List of fcap files:
Passphrase : Exist
Private Key : Exist
CSR : Exist
Certificate : Empty
Root Certificate: Exist
To display the LDAP certificate file name on a switch:
switch:admin> seccertutil show -ldapcacert
List of ldap ca certificate files:
Sample.cer