Manualshelf

Command Reference Guide

ManualsBrandsHP ManualsRoutersHP 3000 Router Series
1221122212231224122512261227122812291230
3Com Router 3000 Ethernet Family
Command Reference Guide
Chapter 7 PKI Configuration Commands
3Com Corporation
7-17
View
System view
Parameter
domain-name: contains CA or RA related information. It is configured by using the pki
domain command.
Description
Use the pki retrieval-crl command to obtain the latest CRL from CRL server for the
verification of the validity of a current certificate.
Related command: pki domain.
Example
# Retrieve a CRL
[RouterCA] pki retrieval-crl domain 1
7.3.6 pki validate-certificate
Syntax
pki validate-certificate { local | ca } domain domain-name
View
System view
Parameter
local: indicates the validation of a local certificate;
ca: indicates the validation of a CA certificate;
domain-name: specifies the domain of the certificate about to be verified. It is
configured by using the pki domain command.
Description
Use the pki validate-certificate command to verify the validity of a certificate. The
focus is to check the CA signature on the certificate, and to make sure that the
certificate is still within the validity period and beyond revocation. All certificates with
authentic signatures of CA can pass the validation, since it is believed that CA never
issues fake certificates.
Related command: pki domain.
Example
# Verify the validity of a certificate