Administrator Guide
Related Commands
• crypto cert install
• crypto ca-cert install
• crypto cert generate
crypto x509 ca-keyid
Creates a per-certicate conguration context using the specied subject key identier.
Syntax
crypto x509 ca-keyid subject-key-identifier
Use to the no crypto x509 ca-keyid command to remove this conguration.
Parameters
subject-key-
identier
Enter the content of the SubjectKeyIdentifier eld from the CA certicate.
NOTE: To get the subject key identier details, enter the show crypto ca-
cert command. This command displays the CA certicate details.
Defaults None.
Command Modes
• CONFIGURATION Mode
Command History
This guide is platform-specic. For command information about other platforms, see the relevant Dell Networking
OS Command Line Reference Guide.
The following is a list of the Dell Networking OS version history for this command:
Version Description
9.11.0.0 Introduced this command.
Usage Information
The following RBAC roles are allowed to issue this command:
• sysadmin
• secadmin
When you use this command, the device maps the current certicate context in the certicate store to a CA
certicate through the subject key identier eld. The subject key identier eld contains the SHA-1 hash of the
CA’s public key. This conguration provides a way to uniquely identify a CA and associate it with any CA-specic
settings.
This context is used to store certicate-specic settings such as alternate CRL and OCSP locations. Incoming X.
509 certicates whose AuthorityKeyIdentifierextensions match the congured subject key identier has
these settings applied to them.
The crypto x509 ca-keyid command when used with the ocsp-server command in the global
conguration mode creates a per-certicate conguration context under which the remaining commands are
entered.
Related Commands
• ocsp-server
• crypto x509 ocsp
X.509v3 1717