Related commands
display ike proposal
ike signature-identity from-certificate
Use ike signature-identity from-certificate to configure the local device to always obtain the identity
information from the local certificate for signature authentication.
Use undo ike signature-identity from-certificate to restore the default.
Syntax
ike signature-identity from-certificate
undo ike signature-identity from-certificate
Default
The local end uses the identity information specified by local-identity or ike identity for signature
authentication.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Configure the command on the local device that initiates aggressive IKE SA negotiations that use
signature authentication for compatibility with the peer device running a Comware V5-based release.
Such release supports only DN for signature authentication.
If the ike signature-identity from-certificate command is not configured, the local-identity command
configuration, if configured, takes precedence over the ike identity command configuration.
Examples
# Configure the local device to always obtain the identity information from the local certificate for
signature authentication.
<Sysname> system-view
[sysname] ike signature-identity from-certificate
Related commands
• local-identity
• ike identity
inside-vpn
Use inside-vpn to specify an inside VPN instance for an IKE profile.
Use undo inside-vpn to remove the inside VPN instance configuration.
386
To Next Page
Loading...
