R2511-HP MSR Router Series Security Command Reference(V5)
309
Views
PKI domain view
Default command level
2: System level
Parameters
ca: Specifies the CA to accept certificate requests.
ra: Specifies the RA to accept certificate requests.
Examples
# Specify that the entity requests a certificate from the CA.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] certificate request from ca
certificate request mode
Use certificate request mode to set the certificate request mode.
Use undo certificate request mode to restore the default.
Syntax
certificate request mode { auto [ key-length key-length | password { cipher | simple } password |
before-expire num-days [ regenerate ] ] * | manual }
undo certificate request mode
Default
Manual mode is used.
Views
PKI domain view
Default command level
2: System level
Parameters
auto: Specifies the certificate request mode as auto.
key-length: Specifies the length of the RSA keys in bits. The value range is 512 to 2048, and the default
is 1024.
cipher: Sets a ciphertext password for certificate revocation.
simple: Sets a plaintext password for certificate revocation.
before-expire num-days: Specifies how many days before the current certificate expires an entity requests
a new certificate from the CA. The value range is 0 to 365. If this option is not specified, the entity does
not automatically request a new certificate when the old certificate expires.
regenerate: Generates a new RSA key pair for certificate renewal request. The new RSA key pair
overwrites the old one when the new certificate is obtained. If this keyword is not specified, an entity uses
the old RSA key pair for certificate renewal request.