User Manual
10.1.12 Revoking client certificates
[Syntax]
certificate revoke user userid
certificate revoke id certificate-id
[Keyword]
user : Revoking client certificates for specified users
id : Revoking client certificates for specified client certificate IDs
[Parameter]
userid : User ID
(within 3–32 characters; cannot specify “DEFAULT”)
Authentication method Characters that can be inputted
EAP-MD5, EAP-TTLS, PEAP, PAP
Single-byte alphanumeric characters and
symbols other than the characters \ [ ] " ? and
spaces
EAP-TLS
Single-byte alphanumeric characters and
symbols other than the characters \ [ ] / : * | < >
" ? and spaces
certificate-id : Client certificate ID
Combination of “user ID” and “serial number”
[Input mode]
priviledged EXEC mode
[Description]
This revokes client certificates for specified users or client certificate IDs.
In the event that a client certificate is revoked, the authorization using that certificate will fail.
[Note]
Client certificate IDs (certificate-id) can be checked using the show radius-server local certificate list command.
[Example]
This revokes the client certificate for user ID “Taro”.
SWR2311P#certificate revoke user Taro
This revokes the client certificate for client certificate ID “Taro-DF598EE9B44D22CC”.
SWR2311P#certificate revoke id Taro-DF598EE9B44D22CC
10.1.13 Exporting client certificates (copying to SD card)
[Syntax]
certificate export sd all [compress]
certificate export sd user userid [compress]
[Keyword]
all : Exporting client certificates for all users
user : Exporting client certificates for specified users
compress : Compress into a ZIP file
[Parameter]
userid : User ID
(within 3–32 characters; cannot specify “DEFAULT”)
Command Reference | Application | 289