|
Generate a local digital certificate.
The certificate has the following parameters:
- Certificate ID—Unique ID used to identify all of the related
key pairs, certificates, and PKCS-10 certificate request files—for example, local-verisign
- CA profile—Name of the configured certificate authority
profile—for example, ca-profile-ipsec
- Subject—Common name (CN), department or organizational unit
name (OU), company name (O), state (ST), and country (C)for the digital certificate
- Domain name—Fully qualified domain name that identifies
the certificate owner during IKE negotiations
- Challenge password—Password used by the CA for certificate
enrollment and revocation
- IP address (Optional)—IP address if the Services Router has
a static IP address
- Validity start time (Optional)—Length of time that a certificate
is valid
|
Enter
request security pki local-certificate enroll certificate-id local-verisign
Enter
request security pki local-certificate enroll ca-profile ca-profile-ipsec
subject subject-distinguished-name domain-name domain-name challenge-password challenge-password ip-address ip-address validity-start-time start-time validity-end-time end-time
|