R0106-HP MSR Router Series Security Configuration Guide(V7)
228
[DeviceA-pki-domain-torsa] public-key rsa general name abc length 1024
[DeviceA-pki-domain-torsa] quit
4. Generate a local RSA key pair:
[DeviceA] public-key local create rsa name abc
The range of public key size is (512 ~ 2048).
If the key modulus is greater than 512,it will take a few minutes.
Press CTRL+C to abort.
Input the modulus length [default = 1024]:
Generating Keys...
..........................++++++
.....................................++++++
Create the key pair successfully.
5. Request a local certificate:
# Obtain the CA certificate and save it locally.
[DeviceA] pki retrieve-certificate domain torsa ca
The trusted CA's finger print is:
MD5 fingerprint:EDE9 0394 A273 B61A F1B3 0072 A0B1 F9AB
SHA1 fingerprint: 77F9 A077 2FB8 088C 550B A33C 2410 D354 23B2 73A8
Is the finger print correct?(Y/N):y
# Obtain the CRL and save it locally.
[DeviceA] pki retrieve-crl domain torsa
# Submit a certificate request manually.
[DeviceA] pki request-certificate domain torsa password 123
Start to request the general certificate ...
…
Request certificate of domain torsa successfully
Verifying the configuration
# After obtaining the local certificate, display information about the certificate.
[DeviceA] display pki certificate domain torsa local
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
9A96A48F 9A509FD7 05FFF4DF 104AD094
Signature Algorithm: sha1WithRSAEncryption
Issuer:
C=cn
O=org
OU=test
CN=myca
Validity
Not Before: Aug 25 03:19:32 2011 GMT
Not After : Aug 24 03:19:32 2012 GMT
Subject:
CN=test
Subject Public Key Info: