488
Related commands
pki domain
pki import
Use pki import to import the CA certificate, local certificates, or peer certificates for a PKI domain.
Syntax
pki import domain domain-name { der { ca | local | peer } filename filename | p12 local filename
filename | pem { ca | local | peer } [ filename filename ] }
Views
System view
Predefined user roles
network-admin
Parameters
domain-name: Specifies a PKI domain by its name, a case-insensitive string of 1 to 31 characters.
The domain name cannot contain the special characters listed in Table 71.
Table 71 Special characters
Tilde ~ Dot .
Asterisk * Left angle bracket <
Backslash \ Right angle bracket >
Vertical bar | Quotation marks "
Colon : Apostrophe '
der: Specifies the DER certificate file format, including PKCS#7.
p12: Specifies the PKCS#12 certificate file format.
pem: Specifies the PEM certificate file format.
ca: Specifies the CA certificate.
local: Specifies the local certificates.
peer: Specifies the peer certificates.
filename filename: Specifies a certificate file name, a case-insensitive string. For a certificate in
PEM format, you can also choose to copy and paste the certificate contents on the terminal instead
of importing from a file.
Usage guidelines
Use this command to import a certificate in the following situations:
• The CRL repository is not specified or the CA server does not support SCEP.
• The certificate is packed with the server generated key pair in a single file. Only certificate files
in PKCS12 or PEM format can contain key pairs.
Before you import certificates, complete the following tasks:
• Use FTP or TFTP to upload the certificate files to the storage media of the device. If FTP or
TFTP is not available, display and copy the contents of a certificate to a file on the device. Make
sure the certificate is in PEM format because only certificates in PEM format can be imported by
this means.
To Next Page
Loading...
Need help?
General
