10-5
The configuration of an entity DN must comply with the CA certificate issue policy. You need to
determine, for example, which entity DN parameters are mandatory and which are optional. Otherwise,
certificate request may be rejected.
Follow these steps to configure an entity DN:
To do… Use the command… Remarks
Enter system view system-view —
Create an entity and enter its
view
pki entity entity-name
Required
No entity exists by default.
Configure the common name
for the entity
common-name name
Optional
No common name is specified
by default.
Configure the country code for
the entity
country country-code-str
Optional
No country code is specified by
default.
Configure the FQDN for the
entity
fqdn name-str
Optional
No FQDN is specified by
default.
Configure the IP address for
the entity
ip ip-address
Optional
No IP address is specified by
default.
Configure the locality of the
entity
locality locality-name
Optional
No locality is specified by
default.
Configure the organization
name for the entity
organization org-name
Optional
No organization is specified by
default.
Configure the unit name for the
entity
organization-unit
org-unit-name
Optional
No unit is specified by default.
Configure the state or province
for the entity
state state-name
Optional
No state or province is
specified by default.
z Currently, up to two entities can be created on a device.
z The Windows 2000 CA server has some restrictions on the data length of a certificate request. If
the entity DN in a certificate request goes beyond a certain limit, the server will not respond to the
certificate request.
To Next Page
Loading...
