certificate

system certificate
SDE M10-Smart M2 RS420

Digital certificates configuration

system certificate scep
SDE M10-Smart M2 RS420

Simple Certificate Enrollment Protocol configuration

system certificate scep csr <id>
SDE M10-Smart M2 RS420

SCEP server name

Values

  • id – Server name (1-32)

Instances

Multiple

Required

Required

system certificate scep csr <id> autoenrollment
SDE M10-Smart M2 RS420

Enable autoenrollment

system certificate scep csr <id> autoenrollment retry-period <u32|id>
SDE M10-Smart M2 RS420

Wait period between certificate request retries

Values

  • u32 – Time in minutes (1-999999)

  • N[m/h/d/w] – Time in minutes/hours/days/weeks

system certificate scep csr <id> autoenrollment time <u32|id>
SDE M10-Smart M2 RS420

Time before certificate expiration

Values

  • u32 – Time in minutes (1-999999)

  • N[m/h/d/w] – Time in minutes/hours/days/weeks

system certificate scep csr <id> ca-fingerprint
SDE M10-Smart M2 RS420

Expected fingerprint for the CA certificate

Instances

Unique

system certificate scep csr <id> ca-fingerprint md5 <id>
SDE M10-Smart M2 RS420

MD5 fingerprint

Values

  • id – MD5 fingerprint in hex format (16)

system certificate scep csr <id> ca-fingerprint sha <id>
SDE M10-Smart M2 RS420

SHA fingerprint

Values

  • id – SHA fingerprint in hex format (20)

system certificate scep csr <id> ca-name <id>
SDE M10-Smart M2 RS420
Values

  • id – CA name

system certificate scep csr <id> cgi-path <txt>
SDE M10-Smart M2 RS420
Values

  • txt – CGI script path

system certificate scep csr <id> challenge-password <txt>
SDE M10-Smart M2 RS420

Challenge password CSR request of enrollment

Values

  • txt – Password (1-256)

system certificate scep csr <id> distinguished-names <txt>
SDE M10-Smart M2 RS420

Comma separated list of distinguished names for the CSR

Values

  • txt – DN (1-250)

system certificate scep csr <id> dns <id>
SDE M10-Smart M2 RS420

Add DNS name as alternative name

Values

  • id – Domain Name System

system certificate scep csr <id> email <id>
SDE M10-Smart M2 RS420

Add email as alternative name

Values

  • id – Email

system certificate scep csr <id> encrypted-password <password>
SDE M10-Smart M2 RS420
Values

  • password – Encrypted challenge password CSR request of enrollment

system certificate scep csr <id> ip-address <ipv4|ipv6>
SDE M10-Smart M2 RS420

Add source IP address as alternative name

Values

  • ipv4 – Local IPv4 address

  • ipv6 – Local IPv6 address

Local IP address

system certificate scep csr <id> local-address <ipv4|ipv6>
SDE M10-Smart M2 RS420

Local IP address to use as source for SCEP requests

Values

  • ipv4 – Local IPv4 address for csr

  • ipv6 – Local IPv6 address for csr

Local IP address

system certificate scep csr <id> local-interface <ifc>
SDE M10-Smart M2 RS420
Values

  • ifc – Interface to use as source for SCEP requests

system certificate scep csr <id> local-vrf <id>
SDE M10-Smart M2 RS420

VRF where socket is bound

Reference

system vrf <id>

system certificate scep csr <id> port <u32>
SDE M10-Smart M2 RS420

SCEP server port

Values

  • u32 – Port (1-65535)

system certificate scep csr <id> regenerate-key
SDE M10-Smart M2 RS420

Regenerate key on enrollment

system certificate scep csr <id> rollover
SDE M10-Smart M2 RS420

Enable rollover for CA expiration

system certificate scep csr <id> rollover retry-period <u32|id>
SDE M10-Smart M2 RS420

Wait period between rollover retries

Values

  • u32 – Time in minutes (1-999999)

  • N[m/h/d/w] – Time in minutes/hours/days/weeks

system certificate scep csr <id> rollover time <u32|id>
SDE M10-Smart M2 RS420

Time before CA expiration

Values

  • u32 – Time in minutes (1-999999)

  • N[m/h/d/w] – Time in minutes/hours/days/weeks

system certificate scep csr <id> rsa-key-length <u32>
SDE M10-Smart M2 RS420

RSA key length in bits to generate

Values

  • u32 – Key length (512-4096)

system certificate scep csr <id> serial-number
SDE M10-Smart M2 RS420

Add router serial number to the CSR

system certificate scep csr <id> signer-names <txt>
SDE M10-Smart M2 RS420

Comma separated list of distinguished names for the PKCS#7 envelop

Values

  • txt – DN (1-250)

system certificate scep csr <id> url <ipv4|ipv6|txt>
SDE M10-Smart M2 RS420

SCEP server address

Values

  • ipv4 – SCEP IPv4 address

  • ipv6 – SCEP IPv6 address

  • txt – SCEP hostname

system certificate trust <file>
SDE M10-Smart M2 RS420
Values

  • file – Add a certificate to the trusted root certificates

Instances

Multiple