Brocade Fabric OS Command Reference Manual (53-1000240-01, November 2006)
Fabric OS Command Reference Manual 2-553
Publication Number: 53-1000240-01
secCertUtil
2
Note: Enter commands in lowercase only; mixed case is for readability.
certificates.
gencsr Generates a new CSR for the switch. This is second step for setting up third-party
certificates in the switch. To generate a CSR, the admin must answer a series of
questions prompted by this option. Once all questions are answered, a CSR is
generated and placed in a file named ip_address.csr, where the ip_address is the
IP address of the switch.
delcsr Deletes the CSR in the switch.
showcsr Displays the contents of the CSR in the switch without page breaks. Use pipe
operator followed by “more” option to display the contents of the CSR in the
switch page breaks.
show Displays a list of all certificates in the switch.
show certificate name
Displays the contents of the specified certificate.
delete certificate name
Deletes the specified certificate.
export Exports a CSR to a host. This is typically used to submit the CSR to a CA who in
turn issues a certificate.
import [-config cacert] | [-config swcert [-enable https]]
Import a certificate on to the switch. Use this for the following:
• Download a certificate issued by a CA after sending the CSR to the CA.
• Download an Issuing CA certificate.
• Set imported certificate with -config option. Specifying cacert sets the CA
certificate file name in configuration and specifying swcert sets switch
certificate file name in configuration.
• Enable secure protocols with -enable option. This option can be used only
with -config swcert.
Examples To generate a public/private key pair:
switch:admin> seccertutil genkey
Generating a new key pair will automatically do the following:
1. Delete all existing CSRs.
2. Delete all existing certificates.
3. Reset the certificate filename to none.
4. Disable secure protocols.
Continue (yes, y, no, n): [no] y
Select key size [1024 or 2048]:
Generating new rsa public/private key pair
Done.