Set pki certificate – Allied Telesis AT-S63 User Manual

AT-S63 Management Software Command Line Interface User’s Guide

395

SET PKI CERTIFICATE

Syntax

set pki certificate="

name

"

[trusted=yes|no|on|off|true|false]
[type=ca|ee|self]

Parameters

certificate

Specifies the certificate name whose trust or type you want
to change. The name is case sensitive. If the name contains
spaces, it must be enclosed in quotes.

trusted

Specifies whether or not the certificate is from a trusted CA.
The options are:

yes, on, true

Specifies that the certificate is from a
trusted CA. This is the default. The options
are equivalent.

no, off, false

Specifies that the certificate is not from a
trusted CA. The options are equivalent.

type

Specifies a type for the certificate. The options are:

ca

Tags the certificate as a CA certificate.

ee

Tags the certificate as belonging to another end

entity (EE). This is the default.

self

Tags the certificate as its own.

Description

This command changes the level of trust and type for a certificate in the
switch’s certificate database. To list the certificates in the database, refer
to “SHOW PKI CERTIFICATE” on page 400.

The TRUSTED parameter specifies whether the certificate is from a
trusted CA. The default is TRUE. Only self-signed root CA certificates are
typically set to be automatically trusted, and only after the user has
checked the certificate’s fingerprint and other details using “SHOW PKI
CERTIFICATE” on page 400.