3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

431

432

433

434

435

436

437

438

439

440

440 CHAPTER 24: PKI CONFIGURATION COMMANDS

PKI Displaying and

Debugging

Commands

debugging pki Syntax

debugging pki { all | request | retrieval | verify | error }

undo debugging pki { all | request | retrieval | verify | error }

View

User view

Parameter

all: Enables all debugging.

request: Enables debugging in certificate request.

retrieval: Enables debugging in certificate retrieval.

verify: Enables debugging in certification validation.

error: Enables debugging in case of errors.

Description

Use the debugging pki command to enable the debugging for PKI.

Use the undo debugging pki command to disable the debugging output.

Unexpected problems may occur during the device operation. Debugging

commands enable the optional output and print of debugging information,

facilitating the network monitor and fault diagnosis for the network operators and

developers.

By default, all PKI debugging functions are disabled.

Example

# Enable the debugging in case of errors in PKI certificate operation.

[SecBlade_VPN] debugging pki error

[SecBlade_VPN] pki delete-certificate ca domain 1

[SecBlade_VPN] pki request-certificate domain 1

Certificate enroll failed!

Cannot get the CA/RA certificate when creating the x509 Request

# Enable the debugging function for PKI certificate retrieval.

[SecBlade_VPN] debugging pki retrieval

[SecBlade_VPN] pki retrieval-certificate local domain 1

Retrievaling CA/RA certificates. Please wait a while......

We receive 3 certificates.

The trusted CA’s finger print is:

MD5 fingerprint:74C9 B71D 406B DDB3 F74A 96BC E05B 40E9

SHA1 fingerprint:770E 2937 4E32 ACD4 4ACC 7CF1 0FF0 6FB8 6C34 E24A