/cfg/slb/ssl/certs
Certificate Repository Menu
 
Certificate Repository Menu]
cert     - Server Certificate Menu
request - Certificate Signing Request Menu
key - Key Menu
trustca - Trusted CA Certificate Menu
intermca - Intermediate CA Certificate Menu
group - Certificates Group Menu
crl - Certificate Revocation List (CRL) Menu
defaults - Set certificate default values
hsm - HSM Menu
import - Import certificates
export - Export certificates
cur - Display certificates configuration
 
Certificate Repository Menu 
Command Syntax and Usage
cert
 
Displays the Certificate menu. To view this menu, see /cfg/slb/ssl/certs/cert Server Certificate Menu.
request
 
Displays the Certificate Signing Request menu. To view this menu, see /cfg/slb/ssl/certs/request Certificate Signing Request Menu.
key
 
Displays the Key menu. To view this menu, see /cfg/slb/ssl/certs/key Key Menu.
trustca
 
Displays the Trusted CA Certificate menu. To view this menu, see /cfg/slb/ssl/certs/trustca Trusted CA Certificate Menu.
Note: You must first import into Alteon a trusted CA before using this menu.
intermca
 
Displays the Intermediate CA Certificate menu. To view this menu, see /cfg/slb/ssl/certs/intermca Intermediate CA Certificate Menu.
Note: You must first import into Alteon an Intermediate CA before using this menu.
group
 
Displays the Certificates Group menu. To view this menu, see /cfg/slb/ssl/certs/group Certificate Group Menu.
crl
 
Displays the Certificate Revocation List (CRL) menu. To view this menu, see /cfg/slb/ssl/certs/crl Certificate Revocation List (CRL) Menu.
defaults
 
Sets the following default values used when generating new certificates or signing requests:
*Country Name  — The country where the organization is located. 2-character string. For example: US.
*State or Province Name — The full name of the state or province. For example: California.
*Locality name — Name of the city. For example: Los Angeles.
*Organization Name  — Name of the organization. For example: My Company, Inc.
*Organizational Unit Name — Department or unit within the organization. For example: Accounting.
*Email — Any e-mail address that you want to include within the certificate. For example: admin@company.com.
Note: You must apply your changes to the default values for them to apply to new generated certificates.
For more information on generating new certificate signing requests, see /cfg/slb/ssl/certs/request Certificate Signing Request Menu.
hsm
 
Displays the HSM menu. To view this menu, see /cfg/slb/ssl/certs/hsm HSM Menu.
Note: This menu is only available when a FIPS module is present.
import
 
In addition to generating keys, signing requests, or certificates, you are prompted to enter the component type to import.
Enter Component type to import
[key|srvrcert|cert+key|intermca|trustca|2424sslcfg|crl] [key]:
The following components can be imported into Alteon:
*Key
*Server certificate
*Certificate and key (Not applicable when FIPS HSM is used.)
*Intermediate CA certificate
*Trusted CA certificate
*2424-SSL, SSL configuration
*crl (certificate revocation list)
All components except the certificate and key should be imported in PEM format. The certificate and key component should be imported in PKCS#12 format.
Note: The maximum file size for importing SSL components (excluding 2424-SSL configuration) is 200 KB.
For more information on these components, see the section on offloading SSL encryption and authentication in the Alteon Command Line Interface Application Guide.
Note: This command requires that you have a secure connection.
When you use this command, you are prompted for the following information:
*Component type — The component type from the component type list.
*Component ID — An ID for the component.
*Key passphrase — The same passphrase used to encrypt the private keys so you can decrypt them. (Not applicable when FIPS HSM is used.)
*Import from text or file —  The source type of the import. The certificate and key component type can only be imported from a file:
*text — You are prompted to copy and paste the text of the component.
*file  — You are prompted to provide the hostname or IP address of the SCP server, name of the file on the SCP server, and the username and password for the SCP server.
Note: PEM files are supported with ANSI or UTF-8 encoding only.
If are migrating your SSL configuration from an Alteon 2424-SSL platform to Alteon version 27.0.0.0 or later, select the 2424-SSL component type. For detailed procedures on migrating the SSL configuration of an Alteon 2424-SSL platform, refer to Migrating the SSL Offloading Configuration of the Alteon Application Switch 2424-SSL to AlteonOS version 27.0.0.0. When importing this configuration, all associated certificates are imported by default, including server certificates, intermediate CA certificates, and trusted CA certificates.
export
 
You are prompted to enter the component type to export.
Enter Component type to export [key|srvrcert|cert+key|intermca|trustca|2424sslcfg|crl] [key]:
You can export the following component types to another location, either sending a CSD to CA, or backing up these components:
*Key
*Server certificate
*Certificate and key (Not applicable when FIPS HSM is used.)
*Certificate Signing Request (CSR)
*Intermediate CA certificate
*Trusted CA certificate
*2424-SSL, SSL configuration
*crl (certificate revocation list)
For more information on these components, see the section on offloading SSL encryption and authentication in the Alteon Command Line Interface Application Guide.
Note: This command requires that you have a secure connection.
When you use this command, you are prompted for the following information:
*Component type — The component type from the component type list.
*Component ID — An ID for the component.
*Key passphrase — The passphrase to encrypt the exported private key. (Not applicable when FIPS HSM is used.)
*Export to text or file — The destination type of the export. The certificate and key component type can only be exported to a file:
text — You are prompted to copy and paste the text of the component
file  — You are prompted to provide the hostname or IP address of the SCP server, name of the file on the SCP server, and the username and password for the SCP server.
cur
 
Displays the current certificate repository settings, including all certificates, keys, and groups, as well as the certificate associations with virtual services and policies.