Create pki enrollmentrequest, Quest using “create pki – Allied Telesis AT-S63 User Manual

AT-S63 Management Software Command Line Interface User’s Guide

Section VIII: Management Security

627

CREATE PKI ENROLLMENTREQUEST

Syntax

create pki enrollmentrequest="

name

"

keypair=

key-id

[format=der|pem] [type=pkcs10]

Parameters

enrollmentrequest

Specifies a filename for the enrollment request. The
filename can be from 1 to 8 alphanumeric
characters. If the name contains spaces, it must be
enclosed in double quotes. The management
software automatically adds the “.csr” extension.

keypair

Specifies the key pair that you want to use to create
the enrollment request.

format

Specifies the type of encoding the certificate
request will use. The options are:

der

Specifies binary format which cannot

be displayed. This is the default.

pem

Specifies an ASCII-encoded format

that allows the certificate to be
displayed once it is generated.

type

Formats the request according to PKCS #10.

Description

This command creates a certificate enrollment request. You create an
enrollment request when you want a public or private CA to issue a
certificate.

Before you can create an enrollment request, you must create the key pair
that you want the CA to use when creating the certificate. The enrollment
request will contain the public key of the key pair. To create a key pair,
refer to “CREATE PKI CERTIFICATE” on page 624.

You must also set the system’s distinguished name before using this
command. For a explanation of distinguished names, refer to Chapter 34,
“PKI Certificates and SSL” in the AT-S63 Management Software Menus
Interface User’s Guide. To set the distinguished name, refer to “SET
SYSTEM DISTINGUISHEDNAME” on page 634.