4000 Router Series Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR2003 AC Router

201

202

203

204

205

206

207

208

209

210

195

Views

PKI entity view

Predefined user roles

network-admin

Parameters

state-name: Specifies a state name or a province name, a case-sensitive string of 1 to 63 characters. No

comma can be included.

Examples

# Set countryA as the state name of the PKI entity en.

<Sysname> system-view

[Sysname] pki entity en

[Sysname-pki-entity-en] state countryA

usage

Use usage to specify the extension for certificates.

Use undo usage to remove the configuration.

Syntax

usage { ike | ssl-client | ssl-server } *

undo usage [ ike | ssl-client | ssl-server ] *

Default

No extension is specified, and a certificate can be used for all applications, including IKE, SSL clients,

and SSL servers.

Views

PKI domain view

Predefined user roles

network-admin

Parameters

ike: Specifies the IKE certificate extension so IKE peers can use the certificates.

ssl-client: Specifies the SSL client certificate extension so the SSL client ends can use the certificates.

ssl-server: Specifies the SSL server certificate extension so the SSL server ends can use the certificates.

Usage guidelines

If you do not specify any keyword, the undo usage command removes all extensions. The extension of a

certificate depends on the certificate user, and it is not limited by PKI.

The extension options contained in an issued certificate depends on the CA policy, and might be

different from those specified in the PKI domain.

Examples

# Specify the IKE certificate extension.

<Sysname> system-view

[Sysname] pki domain aaa