Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Obtaining Digital Certificates through SCEP (SRC CLI)

 

You can use SCEP to help manage how you obtain digital certificates, or you can manually add certificates.

For information about manually obtaining certificates, see Manually Obtaining Digital Certificates (SRC CLI).

To add a signed certificate that you obtain through SCEP:

  1. Request a CA certificate through SCEP.

    where:

    • url is the URL of the certificate authority (which is the SCEP server).

    • ca-identifier is the identifier that designates the authority.

    For example, to request a certificate from the CA authority SdxCA at a specified URL on the server security_server:

  2. Request that the certificate authority automatically sign the certificate request.

    where:

    • subject is the distinguished name of the SRC host; for example cn=myhost.

    • password is the password received from the certificate authority for the specified subject.

    For example, to request a certificate from the CA authority SdxCA at a specified URL on the server security_server:

  3. Verify that the certificate is part of the SRC configuration.

    If there are no certificates on the system, the CLI displays the following message: