856| Management Access AOS-W 6.5.3.x| User Guide
In the WebUI
1. Navigate to the Configuration > Management > Certificates > CSR page.
2. Enter the following information:
Parameter Description Range
CSR Type Type of the CSR.
You can generate a certificate signing request either
with an Elliptic curve (EC) key, or with a Rivest-
Shamir-Aldeman (RSA) key.
ec/rsa
Curve name Length of the private/public key for ECDSA. This is
applicable only if CSR Type is ec.
secp256r1/secp384r1
Key Length Length of the private/public key for RSA.
This is applicable only if CSR Type is rsa.
NOTE: RSA-1024 is not permitted if the switch is
operating in the FIPS mode.
1024/2048/4096
Common Name Typically, this is the host and domain name, as in
www.example.com.
—
Country Two-letter ISO country code for the country in which
your organization is located.
State/Province State, province, region, or territory in which your
organization is located.
City City in which your organization is located.
Organization Name of your organization.
Unit Optional field to distinguish a department or other
unit within your organization.
Email Address
Email address referenced in the CSR.
Table 195: CSR Parameters
3. Click Generate New.
4. Click View Current to display the generated CSR. Select and copy the CSR output between the BEGIN
CERTIFICATE REQUEST and END CERTIFICATE REQUEST lines, paste it into an email and send it to the CA of
your choice.
In the CLI
1. Run the following command:
crypto pki csr {rsa key_len <key_val> |{ec curve-name <key_val>} common_name <common_val>
country <country_val> state_or_province <state> city <city_val> organization <organization_
val> unit <unit_val> email <email_val>
RSA-1024 is not permitted if the switch is operating in the FIPS mode.
2. Display the CSR output with the following command:
show crypto pki csr
To Next Page
Loading...