Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 55
Brocade Mobility RFS Controller CLI Reference Guide
37
53-1003098-01
2
crypto pki generate self-signed <TRUSTPOINT-NAME>
[generate-rsa-key|use-rsa-key]
<RSA-KEYPAIR-NAME> subject-name <COMMON-NAME> <COUNTRY> <STATE> <CITY>
<ORGANIZATION> <ORGANIZATION-UNIT> {(email <SEND-TO-EMAIL>,fqdn
<FQDN>,ip-address <IP>,on <DEVICE-NAME>)}
crypto pki import [certificate|crl] <TRUSTPOINT-NAME> <IMPORT-FROM-URL>
{background {on <DEVICE-NAME>}|on <DEVICE--NAME>}
pki
Enables PKI management. Use this command to authenticate, export, generate, or delete a trustpoint and
its associated CA certificates.
generate self-signed
<TRUSTPOINT-NAME>
Generates a self-signed CA certificate and a trustpoint
•
<TRUSTPOINT-NAME> – Specify a name for the certificate and its trustpoint.
[generate-rsa-key|
use-rsa-key]
<RSA-KEYPAIR-NAME>
Generates a new RSA Keypair, or uses an existing RSA Keypair
•
generate-rsa-key – Generates a new RSA Keypair for digital authentication
•
use-rsa-key – Uses an existing RSA Keypair for digital authentication
•
<RSA-KEYPAIR-NAME> – If generating a new RSA Keypair, specify a name for it. If using an existing
RSA Keypair, specify its name.
subject-name
<COMMON-NAME>
Specify a subject name to identify the certificate.
•
<COMMON-NAME> – Specify the common name used with the CA certificate. The name should
enable you to identify the certificate easily.
<COUNTRY>
Sets the deployment country code (2 character ISO code)
<STATE>
Sets the state name (2 to 64 characters in length)
<CITY>
Sets the city name (2 to 64 characters in length)
<ORGANIZATION>
Sets the organization name (2 to 64 characters in length)
<ORGANIZATION-UNIT>
Sets the organization unit (2 to 64 characters in length)
email
<SEND-TO-EMAIL>
Optional. Exports the CSR to a specified e-mail address
•
<SEND-TO-EMAIL> – Specify the CA’s e-mail address.
fqdn <FQDN>
Optional. Exports the CSR to a specified FQDN
•
<FQDN> – Specify the CA’s FQDN.
ip address <IP>
Optional. Exports the CSR to a specified device or system
•
<IP> – Specify the CA’s IP address.
pki
Enables PKI management. Use this command to authenticate, export, generate, or delete a trustpoint and
its associated CA certificates.
import
Imports certificates, Certificate Revocation List (CRL), or a trustpoint to the selected device
[certificate|crl]
<TRUSTPOINT-NAME>
Imports a signed server certificate or CRL
•
certificate – Imports signed server certificate
•
crl – Imports CRL
•
<TRUSTPOINT-NAME> – Specify the trustpoint name (should be authenticated).
<IMPORT-FROM-URL>
Specify the signed server certificate or CRL source address in the following format:
tftp://<hostname|IP>[:port]/path/file
ftp://<user>:<passwd>@<hostname|IP>[:port]/path/file
sftp://<user>@<hostname|IP>[:port]>/path/file
http://<hostname|IP>[:port]/path/file
cf:/path/file
usb<n>:/path/file