F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Command Reference-6PW100
134
Usage guidelines
When the URL of the CRL distribution point is not set, you should acquire the CA certificate and a local
certificate, and then acquire a CRL through SCEP.
Examples
# Specify the URL of the CRL distribution point.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] crl url ldap://169.254.0.30
display pki certificate
Use display pki certificate to display the contents or request status of a certificate.
Syntax
display pki certificate { { ca | local } domain domain-name | request-status } [ | { begin | exclude |
include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
ca: Displays the CA certificate.
local: Displays the local certificate.
domain-name: Name of the PKI domain, a string of 1 to 15 characters.
request-status: Displays the status of a certificate request.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Getting Started Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display the local certificate.
<Sysname> display pki certificate local domain 1
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10B7D4E3 00010000 0086
Signature Algorithm: md5WithRSAEncryption
Issuer:
emailAddress=myca@aabbcc.net