F3215-HP Load Balancing Module Security Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

181

182

183

184

185

186

187

188

189

190

173

root-certificate fingerprint

Use root-certificate fingerprint to configure the fingerprint to be used for verifying the validity of the CA

root certificate.

Use undo root-certificate fingerprint to remove the configuration.

Syntax

root-certificate fingerprint { md5 | sha1 } string

undo root-certificate fingerprint

Default

No fingerprint is configured for verifying the validity of the CA root certificate.

Views

PKI domain view

Default command level

2: System level

Parameters

md5: Uses an MD5 fingerprint.

sha1: Uses a SHA1 fingerprint.

string: Fingerprint to be used. An MD5 fingerprint must be a string of 32 characters in hexadecimal. A

SHA1 fingerprint must be a string of 40 characters in hexadecimal.

Examples

# Configure an MD5 fingerprint for verifying the validity of the CA root certificate.

<Sysname> system-view

[Sysname] pki domain 1

[Sysname-pki-domain-1] root-certificate fingerprint md5

12EF53FA355CD23E12EF53FA355CD23E

# Configure a SHA1 fingerprint for verifying the validity of the CA root certificate.

[Sysname-pki-domain-1] root-certificate fingerprint sha1

D1526110AAD7527FB093ED7FC037B0B3CDDDAD93

rule (PKI CERT ACP view)

Use rule to create a certificate attribute access control rule.

Use undo rule to delete one or all access control rules.

Syntax

rule [ id ] { deny | permit } group-name

undo rule { id | all }

Default

No access control rule exists.

Views

PKI certificate access control policy view