API Guide
Supported
releases
10.4.3.0 or later
crypto security-profile
Creates an application-specific security profile.
Syntax
crypto security-profile profile-name
Parameters profile-name — Enter the name of the security profile; a maximum of 32 characters.
Default Not configured
Command mode CONFIGURATION
Usage
information
Create a security profile for a specific application on the switch, such as RADIUS over TLS. A security
profile associates a certificate and private key pair using the certificate command. The no form of
the command deletes the security profile.
Example
OS10# crypto security-profile secure-radius-profile
OS10(config-sec-profile)#
Supported
releases
10.4.3.0 or later
peer-name-check
Enables peer name checking in a security profile for certificates presented by external devices.
Syntax
peer-name-check
Parameters None
Default Not configured
Command mode SEC-PROFILE
Usage
information
Use the peer-name-check command to enable an OS10 application to verify that the certificate used
to connect to the switch matches the name of the peer device, such as a remote server name. The no
version of the command disables peer name checking in the security profile.
Example
OS10(config)# crypto security-profile profile-1
OS10(config-sec-profile)# peer-name-check
OS10(config)# crypto security-profile profile-1
OS10(config-sec-profile)# no peer-name-check
Supported
releases
10.5.0 or later
revocation-check
Enables CRL checking in a security profile.
Syntax
revocation-check
Parameters None
Default Not configured
Command mode SEC-PROFILE
Usage
information
Use the revocation-check command to enable the verification of certificates presented by external
devices for a PKI-enablled application on the switch. Use the show crypto crl command to display
Security 1075