enrollment retry period
To specify the wait period between certificate request retries, use the enrollment retry period command in
trustpoint configuration mode. To reset the retry period to the default of 1 minute, use the no form of this
command.
enrollment retry period minutes
no enrollment retry period minutes
Syntax Description
Period (in minutes) between certificate requests issued to a certification authority
(CA) from the router. The range is from 1 to 60 minutes.
minutes
Command Default
minutes: 1
Command Modes
Trustpoint configuration
Command History
ModificationRelease
This command was introduced.Release 2.0
Usage Guidelines
After requesting a certificate, the router waits to receive a certificate from the CA. If the router does not receive
a certificate within a specified time (the retry period), the router sends another certificate request. The router
continues to send requests until it receives a valid certificate, the CA returns an enrollment error, or the
configured number of retries (the retry count) is exceeded.
The router sends the CA another certificate request every minute until a valid certificate is received. (By
default, the router sends ten requests, but you can change the number of permitted retries with the enrollment
retry count command.)
Task ID
OperationsTask ID
read, writecrypto
Examples
The following example shows how to declare a CA and change the retry period to 5 minutes:
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# crypto ca trustpoint myca
RP/0/RP0/CPU0:router(config-trustp)# enrollment retry period 5
Cisco IOS XR System Security Command Reference for the Cisco CRS Router, Release 4.1
208 OL-24740-01
Public Key Infrastructure Commands
enrollment retry period
To Next Page
Loading...
Need help?
General
