F3215-HP Load Balancing Module Security Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

181

182

183

184

185

186

187

188

189

190

174

Default command level

2: System level

Parameters

id: Number of the certificate attribute access control rule, in the range of 1 to 16. The default is the

smallest unused number in this range.

deny: Indicates that a certificate whose attributes match an attribute rule in the specified attribute group

is considered invalid and denied.

permit: Indicates that a certificate whose attributes match an attribute rule in the specified attribute group

is considered valid and permitted.

group-name: Name of the certificate attribute group to be associated with the rule, a case-insensitive

string of 1 to 16 characters. It cannot be "a", "al", or "all".

all: Specifies all access control rules.

Usage guidelines

A certificate attribute group must exist to be associated with a rule.

Examples

# Create an access control rule, specifying that a certificate is considered valid when it matches an

attribute rule in the certificate attribute group mygroup.

<Sysname> system-view

[Sysname] pki certificate access-control-policy mypolicy

[Sysname-pki-cert-acp-mypolicy] rule 1 permit mygroup

state

Use state to specify the name of the state or province where an entity resides.

Use undo state to remove the configuration.

Syntax

state state-name

undo state

Default

No state or province is specified.

Views

PKI entity view

Default command level

2: System level

Parameters

state-name: State or province name, a case-insensitive string of 1 to 31 characters. No comma can be

included.

Examples

# Specify the state where an entity resides.

<Sysname> system-view