Fortinet FortiVoice 200D

To Next Page

To Previous Page

Fortinet Technologies Inc. Page 116 FortiVoice 200D/200D-T v2.0 MR1 CLI Reference

certificate

Use this command to upload and download certificates, and to generate certificate signing

requests (CSR).

Syntax

execute certificate ca import tftp <file_name> <tftp_ip>

execute certificate ca export tftp <cert_name> <file_name> <tftp_ip>

execute certificate config verify

execute certificate crl import tftp <file_name> <tftp_ip>

execute certificate local export tftp <cert_name> <file_name>

<tftp_ip>

execute certificate local generate <cert_name> <key_size> <subject>

execute certificate local import tftp <file_name> <tftp_ip>

execute certificate remote import tftp <file_name> <tftp_ip>

execute certificate remote export tftp <cert_name> <file_name>

<tftp_ip>

Variable Description Default

ca import tftp

<file_name> <tftp_ip>

Imports the certificate authority (CA) certificate from a TFTP

server.

Certificate authorities validate and sign other certificates in

order to indicate to third parties that those other certificates

may be trusted to be authentic.

ca export tftp

<cert_name>

<file_name> <tftp_ip>

Exports the CA certificate to a TFTP server.

config verify Since the FortiVoice unit stores configuration information of

CA certificates and local certificates in the configuration file

and stores the certificates themselves in the file system, in

some circumstances (such as a firmware upgrade or an

abnormal system shutdown), the certificate configuration

and the certificate may be out of sync.

Use this command to synchronize the certificate

configuration in the configuration file with the certificate in

the file system.

crl import tftp

<file_name> <tftp_ip>

Imports the Certificate Revocation List.

To ensure that your FortiVoice unit validates only certificates

that have not been revoked, you should periodically upload

a current certificate revocation list, which may be provided

by certificate authorities (CA). Alternatively, you can use

online certificate status protocol (OCSP) to query for

certificate statuses.

local export tftp

<cert_name>

<file_name> <tftp_ip>

Exports a certificate signing request or a local certificate to

a TFTP server.

Note that this command does not support exporting a

certificate in PKCS#12 format. To do this, you must go to

the web UI.

Main Page

Fortinet FortiVoice 200D - Certificate

Table of Contents

Other manuals for Fortinet FortiVoice 200D

Related product manuals