TMS zl Management and Configuration Guide ST.1.1.100430
A-58
Command-Line Reference
Global Configuration Context
If you added a subject alternate name, you could specify those settings
instead—for example, IP Address for Type and 10.1.1.1 for Value.
For example:
ProCurve(tms-module-<slot ID>:config)# certificates
generate private-key id key1 algorithm dsa size-512
ProCurve(tms-module-<slot ID>:config)# certificates
generate request cert1 signature rsa-md5 private-key id
id1 subject tms.com alternative-names ip-addr-1 1.2.3.4
domain-1 x.com domain-2 y.com email-id-1 user@hp.com
certificates import
Use this command to use FTP, TFTP, or SCP to install the certificates on the
TMS zl Module. (These certificates are necessary for the module to use DSA
or RSA signatures for the IKE authentication method.)
Enter the following command to retrieve the CA certificate, IPsec certificate,
CRLs, and private keys:
Syntax: certificates import < ca | ipsec-cert | crl | private-key id <ID> > < ftp | scp>
<server address> <filename> user <username>
Syntax: certificates import < ca | ipsec-cert | crl | private-key id <ID> > tftp <server
address> <filename>
Replace <ID> with a string between 1 and 31 alphanumeric characters. The
string must be unique to the private key you are importing.
Replace <server address> with the IP address for your server.
Replace <filename> with the full certificate, CRL, or private key filename as
stored on the server. For example, c:/folder/cert.crt.
Replace <username> with the username on the account on your FTP or SCP
server. After entering this command, you will be prompted for the user’s
password.
For example:
ProCurve(tms-module-<slot ID>:config)# certificates
import ca ftp 192.168.11.23 c:/folder/cert.crt user user1
Password: ******