Allied Telesis AT-S63 User Manual

AT-S63 Management Software Command Line Interface User’s Guide

387

The CERTIFICATE parameter assigns the certificate a name. The name
can be from 1 to 40 alphanumeric characters. Each certificate in the
database should be given a unique name.

The LOCATION parameter specifies the filename of the certificate as
stored in the switch’s file system. When specifying the filename, be sure
to include the file extension “.cer”.

The TRUSTED parameter specifies whether the certificate is from a
trusted CA. The default is TRUE. Only self-signed root CA certificates are
typically set to be automatically trusted, and only after the user has
checked the certificate’s fingerprint and other details using “SHOW PKI
CERTIFICATE” on page 400.

The TYPE parameter specifies what type of certificate is being added.
Self signed certificates should be assigned a type of SELF. If CA is
specified, the switch tags this certificate as a CA certificate. If ENDENTITY
or EE is specified, the switch tags the certificate to indicate that it
belongs to an end entity. The default is ENDENTITY.

Note

The TRUSTED and TYPE parameters have no affect on the operation
of a certificate. You can select any permitted value for either
parameter, or you can omit the parameters. The parameters are
included only as placeholders for information in the certificate
database.

Example

The following command loads the certificate “sw12.cer” from the file
system into the certificate database. The certificate is assigned the name
“Switch 12 certificate”:

add pki certificate="Switch 12 certificate"
location="sw12.cer" type=self