Public Key Infrastructure (PKI) Commands
Page 160 7450 ESS System Mangement Guide
no maximum-cert-chain-depth
Context config>system>security>pki
Description This command defines the maximum depth of certificate chain verification. This number is applied
system wide.
The no form of the command reverts to the default.
Default 7
Parameters level — Specifies the maximum depth level of certificate chain verification, range from 1 to 7. the
certificate under verification is not counted in. for example, if this parameter is set to 1, then the
certificate under verification must be directly signed by trust anchor CA.
Values 1 — 7
shutdown
Syntax [no] shutdown
Context config>system>security>pki>ca-profile>
Description Use this command to enable or disable the ca-profile. The system will verify the configured cert-file
and crl-file. If the verification fails, then the no shutdown command will fail.
The ca-profile in a shutdown state cannot be used in certificate authentication.
Default shutdown
certificate
Syntax certificate
Context admin
Description This command enables the context to configure X.509 certificate related operational parameters.
clear-ocsp-cache
Syntax clear-ocsp-cache [entry-id]
Context admin>certificate
Description This command clears the current OCSP response cache. If optional issuer and serial-number are not
specified, then all current cached results are cleared.
Parameters entry-id — Specifies the local cache entry identifier of the certificate to clear.
Values 1 — 2000
To Next Page
Loading...
