C613-50631-01 Rev A Command Reference for IE340 Series 2523
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
PUBLIC KEY INFRASTRUCTURE AND CRYPTO COMMANDS
ENROLLMENT
(CA-TRUSTPOINT)
enrollment (ca-trustpoint)
Overview Use this command to declare how certificates will be added to the system for the
current trustpoint.
Syntax
enrollment {selfsigned|terminal}
Mode Trustpoint Configuration
Usage notes If the enrollment is set to selfsigned, then the system will generate a root CA
certificate and its associated key when the crypto pki authenticate command is
issued. It will generate a server certificate (signed by the root CA certificate) when
the crypto pki enroll command is issued.
If the enrollment is set to terminal, then the system will prompt the user to paste
the root CA certificate Privacy Enhanced Mail (PEM) file at the terminal, when the
crypto pki authenticate command is issued. It will create a Certificate Signing
Request (CSR) file for the local server when the crypto pki enroll command is
issued. The server certificate received from the external CA should be imported
using the crypto pki import pem command.
The trustpoint named “local” may only use the selfsigned enrollment setting.
If no enrollment mode is specified, the crypto pki authenticate command will fail
for the trustpoint.
Example To configure the trustpoint named "example" and set its enrollment to selfsigned,
use the following commands:
awplus> enable
awplus# configure terminal
awplus(config)# crypto pki trustpoint example
awplus(ca-trustpoint)# enrollment selfsigned
Related
commands
crypto pki enroll
Parameter Description
selfsigned Sets the enrollment mode for the current trustpoint to selfsigned.
terminal Sets the enrollment mode for the current trustpoint to terminal.
To Next Page
Loading...
Need help?
General
