Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

1711

Related Commands

• crypto cert install

• crypto ca-cert install

• crypto cert generate

crypto x509 ca-keyid

Creates a per-certicate conguration context using the specied subject key identier.

Syntax

crypto x509 ca-keyid subject-key-identifier

Use to the no crypto x509 ca-keyid command to remove this conguration.

Parameters

subject-key-

identier

Enter the content of the SubjectKeyIdentifier eld from the CA certicate.

NOTE: To get the subject key identier details, enter the show crypto ca-

cert command. This command displays the CA certicate details.

Defaults None.

Command Modes

• CONFIGURATION Mode

Command History

This guide is platform-specic. For command information about other platforms, see the relevant Dell Networking

OS Command Line Reference Guide.

The following is a list of the Dell Networking OS version history for this command:

Version Description

9.11.0.0 Introduced this command.

Usage Information

The following RBAC roles are allowed to issue this command:

• sysadmin

• secadmin

When you use this command, the device maps the current certicate context in the certicate store to a CA

certicate through the subject key identier eld. The subject key identier eld contains the SHA-1 hash of the

CA’s public key. This conguration provides a way to uniquely identify a CA and associate it with any CA-specic

settings.

This context is used to store certicate-specic settings such as alternate CRL and OCSP locations. Incoming X.

509 certicates whose AuthorityKeyIdentifierextensions match the congured subject key identier has

these settings applied to them.

The crypto x509 ca-keyid command when used with the ocsp-server command in the global

conguration mode creates a per-certicate conguration context under which the remaining commands are

entered.

Related Commands

• ocsp-server

• crypto x509 ocsp

X.509v3 1717