View the Certificate Details

About this task

Use this procedure for the following tasks:
  • Displaying the digital certificate for given certificate type or list all the certificate details from the local store for given certificate type.

  • Displaying the CA details for a given trustpoint CA name or listing all the CA details from the local store if the CA name is not specified.

  • Displaying the configured key details for given key name.

  • Displaying the configured subject details.

Procedure

  1. Enter Privileged EXEC mode:

    enable

  2. Display the digital certificate for given certificate type:

    show certificate cert-type [default-tls-certificate] [online-ca-cert] | [online-subject-cert] | [offline-ca-cert] | [offline-subject-cert] | [intermediate-ca-cert WORD<1-80>] | [root-ca-cert WORD<1-80>]]

  3. Display the certificate authority details:

    show certificate ca WORD<1–45>

  4. Display the name and public key of all the key-pairs:

    show certificate key-name

  5. Display the details of the configured subject:

    show certificate subject

Examples

Display the CA certificate details:

Switch:1>enable
Switch:1>show certificate ca
CA table entry
Name                      :   caica2
CommonName                :   caica2
KeyName                   :   rsa_2048
CaUrl                     :   http://192.51.100.9:8080/ejbca/publicweb/apply/scep/test/pkiclient.exe
UsePost                   :   0
SubjectCertValidityDays   :   365
Action                    :   no-op
LastActionStatus          :   success
LastActionFailureReason   :
CA-Auth Sha256Fingerprint :

Display the name and public key of all the key-pairs:

Switch:1>show certificate key-name

Key Name: rsa_2048
Public Key Value: 00000000000000010000000102000000000301000100000100bcb8339f794b7ce8a90a7f3a238f07e176a48337512173153ba5f6a2b33700db07957c4a1a7e6adb918ed046c2235e074fff4fcf15aa2e66c670ad14cee5d88a9023d666798943d58ab793578438291532a700037d9b5cf97ce1321c63e16462bbb7c0f8fafa1e386d651caf6b6a8b4e707d1f7c247900d21f711acf1eba9e293aff7de0dbc30b9733d26179827676044ea04b77412142dc6cd8fe9fc4ebc5173a6d7c82cbf52090046efec0efb0356282208c94b5b954c9fca38d3e39e0778474cb423a1c8d9feb4e64a1600a43d7d7d7b1db48dfa7b536772855b081c8d63aecd3f94832fa558565b8e9bf1f1b67121aa7d4a381ff2c3dde78d65c271b83a9
Display the details of the configured subject:
Switch:1>show certificate subject
Common Name         : tlsenduser1
Email Address       : tlsenduser1@mocana.com
Organizational Unit : Engineering
Organization        : Mocana
Locality            : San Francisco
Province            : California
Country             : US

Display the Root CA certificate:

Switch:1>show certificate cert-type root-ca-cert 

CERT STORE table entry
Certificate Type                :   Root CA Certificate
CommonName                      :   ca
VersionNumber                   :   X.509 v3
SerialNumber                    :   3f418444a5b29cbd
IssuerName                      :   CN:ca, EM:, OU:, O:, L:, P:, C:
ValidityPeriodNotBefore         :   10/26/16 12:37:22
ValidityPeriodNotAfter          :   10/26/18 12:37:22
CertificateSignatureAlgorithm   :   sha256withRSAEncryption
CertificateSignature            :   856f7e66ce1bcbc3853dc22f969aff9bbb357d8d4e34274098e7c3c0b78cf0aba04b6d64ec22b4bee122243342283348fb011edd25b44bf7b77d6cfb10eb662d97fafe6ce727622dfc205358513ceaef2a04bc1d46b1372092ae34c222a69237388f62c1efd8d0386102a69aa495a3070994620f2896c157c273185e8b6cc405083973b38418d7efd9c992905df6e160c4bf3b916ec046c5291f9b2f280a178d5ac14ca6ee4ffc47059e522bbdafcc5560c55612fbe3f6bcca603cec1ba0f24202ef6120c0f31259f6b5a80726ddf7f8b72359eac638b4a6289096db0cdc23839d75ebe79dd3b5b7a365d1534a48f349dd3139d1e05e225711f07631ef5a2fbc
Subject                         :   CN:ca, EM:, OU:, O:, L:, P:, C:
SubjectPublicKeyAlgorithm       :   rsaEncryption
SubjectPublicKey                :   00000000000000010000000102000000000301000100000100a0457dd22f1ff11a2c4f01f5fedcda5b26d88a167f056b2c915e690b3a2c1e30373a8e14e5f23586aaa9e68544bf8b5931f0dff6057936c3e8f48d2430ce9bdf2c00d30da314f4d3a88d7e112593429005b7095f8e4aec18fda5d1697d35882eab98796ae0fe20994edc5a5b1379521a65d9e168e6bfe6d842139a294c94aac122e51d7a5438ad8bf00f5098857a557a4f69f4b21bd08c9213d3458a7fb7c644c7fcb4806fb4f683941f7701cb131ffc2444aac314be88fb717c135bc7416390de4925d833e889362caefbaf1079656206acc5cfe424edc30e2cd7853223c505e3fefd28cc35c94c14742a912baee7f4197f680a91b69d496ea67b87cbd0c399
HasBasicConstraint              :   1
HasKeyUsage                     :   1
IsCa                            :   1
KeyUsage                        :   103 digitalSignature  nonRepudiation  keyEncipherment  keyCertSign  cRLSign 
ExtendedKeyUsage                :   TLS Web Server Authentication, OCSP Signing, 
CDPUrl                          :   
OCSPUrl                         :   http://192.51.100.9:8080/ejbca/publicweb/status/ocsp
CertificateFileName             :   /intflash/.cert/.rootCACertStore/root_ca_cert_ca.der

Display the Intermediate CA certificate:

Switch:1> show certificate cert-type intermediate-ca-cert

CERT STORE table entry
Certificate Type                :   Intermediate CA Certificate
CommonName                      :   newsubca
VersionNumber                   :   X.509 v3
SerialNumber                    :   59f0b1a73c93b194
IssuerName                      :   CN:ca, EM:, OU:, O:, L:, P:, C:
ValidityPeriodNotBefore         :   10/27/16 09:49:59
ValidityPeriodNotAfter          :   10/26/18 12:37:22
CertificateSignatureAlgorithm   :   sha256withRSAEncryption
CertificateSignature            :   65c2bed6f0333d6bbc5aea24d682061cfebefeb4bea8f74b3687cb72d700aabcf38af039dbff1e3d818627c5a27bfb4310c5fdd8db7eaea7bfb06275bc86f1e479ed0ca5ec7a828b44f862e294ea4bd39a3a38b2ec5c87f2fb5baf98a856f380d9ec9f022ba5b05c328556233b7dc5d1359edc08966a194311eb76965ce509439a224c5c0004688cfdf154a855a80fd385538e00f5644792f9e496def7e293b2a20a60c782cc9bfcddc448e15024a0a49caa2bbefc82fa71cbda495915910a4363e5d7d95303d44a14e95932b1797ecc252e7ffa4d7cb8d270c693cebbf3e632f1accbe6920460496d1f873d35b92c5430cb870d84d61d0556eea94a003e6785
Subject                         :   CN:newsubca, EM:, OU:, O:, L:, P:, C:
SubjectPublicKeyAlgorithm       :   rsaEncryption
SubjectPublicKey                :   00000000000000010000000102000000000301000100000100a0457dd22f1ff11a2c4f01f5fedcda5b26d88a167f056b2c915e690b3a2c1e30373a8e14e5f23586aaa9e68544bf8b5931f0dff6057936c3e8f48d2430ce9bdf2c00d30da314f4d3a88d7e112593429005b7095f8e4aec18fda5d1697d35882eab98796ae0fe20994edc5a5b1379521a65d9e168e6bfe6d842139a294c94aac122e51d7a5438ad8bf00f5098857a557a4f69f4b21bd08c9213d3458a7fb7c644c7fcb4806fb4f683941f7701cb131ffc2444aac314be88fb717c135bc7416390de4925d833e889362caefbaf1079656206acc5cfe424edc30e2cd7853223c505e3fefd28cc35c94c14742a912baee7f4197f680a91b69d496ea67b87cbd0c399
HasBasicConstraint              :   1
HasKeyUsage                     :   1
IsCa                            :   1
KeyUsage                        :   119 digitalSignature  nonRepudiation  keyEncipherment  keyAgreement  keyCertSign  cRLSign 
ExtendedKeyUsage                :   TLS Web Server Authentication, OCSP Signing, 
CDPUrl                          :   http://192.51.100.9:8080/ejbca/publicweb/webdist/certdist?cmd=crl&issuer=CN=ca
OCSPUrl                         :   
CertificateFileName             :   /intflash/.cert/.caCertStore/ca_cert_newsubca.der

Display the offline CA certificate:

Switch:1>show certificate cert-type offline-ca-cert      

CERT table entry
Certificate Type                :   Offline CA Certificate
VersionNumber                   :   X.509 v3
SerialNumber                    :   59f0b1a73c93b194
IssuerName                      :   CN:ca, EM:, OU:, O:, L:, P:, C:
ValidityPeriodNotBefore         :   10/27/16 09:49:59
ValidityPeriodNotAfter          :   10/26/18 12:37:22
CertificateSignatureAlgorithm   :   sha256withRSAEncryption
CertificateSignature            :   65c2bed6f0333d6bbc5aea24d682061cfebefeb4bea8f74b3687cb72d700aabcf38af039dbff1e3d818627c5a27bfb4310c5fdd8db7eaea7bfb06275bc86f1e479ed0ca5ec7a828b44f862e294ea4bd39a3a38b2ec5c87f2fb5baf98a856f380d9ec9f022ba5b05c328556233b7dc5d1359edc08966a194311eb76965ce509439a224c5c0004688cfdf154a855a80fd385538e00f5644792f9e496def7e293b2a20a60c782cc9bfcddc448e15024a0a49caa2bbefc82fa71cbda495915910a4363e5d7d95303d44a14e95932b1797ecc252e7ffa4d7cb8d270c693cebbf3e632f1accbe6920460496d1f873d35b92c5430cb870d84d61d0556eea94a003e6785
Subject                         :   CN:newsubca, EM:, OU:, O:, L:, P:, C:
SubjectPublicKeyAlgorithm       :   rsaEncryption
SubjectPublicKey                :   00000000000000010000000102000000000301000100000100a0457dd22f1ff11a2c4f01f5fedcda5b26d88a167f056b2c915e690b3a2c1e30373a8e14e5f23586aaa9e68544bf8b5931f0dff6057936c3e8f48d2430ce9bdf2c00d30da314f4d3a88d7e112593429005b7095f8e4aec18fda5d1697d35882eab98796ae0fe20994edc5a5b1379521a65d9e168e6bfe6d842139a294c94aac122e51d7a5438ad8bf00f5098857a557a4f69f4b21bd08c9213d3458a7fb7c644c7fcb4806fb4f683941f7701cb131ffc2444aac314be88fb717c135bc7416390de4925d833e889362caefbaf1079656206acc5cfe424edc30e2cd7853223c505e3fefd28cc35c94c14742a912baee7f4197f680a91b69d496ea67b87cbd0c399
HasBasicConstraint              :   1
HasKeyUsage                     :   1
IsCa                            :   1
KeyUsage                        :   119 digitalSignature  nonRepudiation  keyEncipherment  keyAgreement  keyCertSign  cRLSign 
ExtendedKeyUsage                :   TLS Web Server Authentication, OCSP Signing, 
CDPUrl                          :   http://192.51.100.9:8080/ejbca/publicweb/webdist/certdist?cmd=crl&issuer=CN=ca

Display the offline subject certificate:

Switch:1>show certificate cert-type offline-subject-cert  
CERT table entry
Certificate Type                :   Offline Subject Certificate
VersionNumber                   :   X.509 v3
SerialNumber                    :   33f18af2c9ef62f5
IssuerName                      :   CN:newsubca, EM:, OU:, O:, L:, P:, C:
ValidityPeriodNotBefore         :   11/03/16 11:40:28
ValidityPeriodNotAfter          :   10/26/18 12:37:22
CertificateSignatureAlgorithm   :   sha256withRSAEncryption
CertificateSignature            :   2fd70da6d5a8f272f0f1cfc237eccb419eabd3c2fc8ca3c147c8f4b04efe2ecd8060f83f1ce420c37285e8a4a704249983e5b4545a9d0e7e684a03502d0d180ced5d2dd6747c8ab0f58b6f46ac56c6ff696dad6a93bd2c6249b32e74070499f6f94b0814ae7c14f1893ab1f2ce764340007eb06338bba5935ac5729e20e680c593f77dfa9aac96ea5ec1a884e28db4e68bfbea116beffdb91cb09ab9fc6ac2aaee0064a2ef241412b6ebe21564623b28eaba14ff7f2a07691c7703c50bc63b25dd18d21f0f08e63a33ca75cd49cfe93a9b6ff540d439008ac8e83a2393e94bf4b2e5fa1c3e3d8df1df538651f4936f9db117fd6adf0960eaf116a92c5bff7c06
Subject                         :   CN:newsub1, EM:test@mocana.com, OU:Engineering, O:Mocana, L:San Francisco, P:California, C:US
SubjectPublicKeyAlgorithm       :   rsaEncryption
SubjectPublicKey                :   00000000000000010000000102000000000301000100000100d35e399359ee6c24837a0394dff783c039bf4c6fe02000e31fecfa0a67b36fd390b3a1c29229af4ed24972186fc4991655479db597967b3bdda95c00bd1c07ca660ccf80aca1bccbe8cbe2db31a5cd5868433eb9ac85ab7b54438c4e0b2da260a13eef4900929514ee8bee184df40f11c0c766a0e6ca89424f2f3753039e8e20e3809d20fa59d319ccaecee4a32a4ab1da9bf7f566241dd76c11eb762ad320dafbcba73e658d0faa5ea1caf75f1e4889038a58b3e48e9e541bcb4f818eb9b3e84a57bc6714e789067226953d740c6ef38d67d5ec891598f62248a337a1176bd3edef8adec606bbae9781b88d32c8867629ddbc9f532338cf4ca53918dd98c609
HasBasicConstraint              :   1
HasKeyUsage                     :   1
IsCa                            :   0
KeyUsage                        :   15 digitalSignature  nonRepudiation  keyEncipherment  dataEncipherment 
ExtendedKeyUsage                :   TLS Web Server Authentication, OCSP Signing, 
CDPUrl                          :   http://192.51.100.9:8080/ejbca/publicweb/webdist/certdist?cmd=crl=&=CN=newsubca
OCSPUrl                         :   http://192.51.100.9:8080/ejbca/publicweb/status/ocsp
Status                          :   offline-certificate
Installed                       :   1

Display the online CA certificate:

Switch:1>show certificate cert-type online-ca-cert 

CERT table entry
Certificate Type                :   Online CA Certificate
VersionNumber                   :   X.509 v3
SerialNumber                    :   59f0b1a73c93b194
IssuerName                      :   CN:ca, EM:, OU:, O:, L:, P:, C:
ValidityPeriodNotBefore         :   10/27/16 09:49:59
ValidityPeriodNotAfter          :   10/26/18 12:37:22
CertificateSignatureAlgorithm   :   sha256withRSAEncryption
CertificateSignature            :   65c2bed6f0333d6bbc5aea24d682061cfebefeb4bea8f74b3687cb72d700aabcf38af039dbff1e3d818627c5a27bfb4310c5fdd8db7eaea7bfb06275bc86f1e479ed0ca5ec7a828b44f862e294ea4bd39a3a38b2ec5c87f2fb5baf98a856f380d9ec9f022ba5b05c328556233b7dc5d1359edc08966a194311eb76965ce509439a224c5c0004688cfdf154a855a80fd385538e00f5644792f9e496def7e293b2a20a60c782cc9bfcddc448e15024a0a49caa2bbefc82fa71cbda495915910a4363e5d7d95303d44a14e95932b1797ecc252e7ffa4d7cb8d270c693cebbf3e632f1accbe6920460496d1f873d35b92c5430cb870d84d61d0556eea94a003e6785
Subject                         :   CN:newsubca, EM:, OU:, O:, L:, P:, C:
SubjectPublicKeyAlgorithm       :   rsaEncryption
SubjectPublicKey                :   00000000000000010000000102000000000301000100000100a0457dd22f1ff11a2c4f01f5fedcda5b26d88a167f056b2c915e690b3a2c1e30373a8e14e5f23586aaa9e68544bf8b5931f0dff6057936c3e8f48d2430ce9bdf2c00d30da314f4d3a88d7e112593429005b7095f8e4aec18fda5d1697d35882eab98796ae0fe20994edc5a5b1379521a65d9e168e6bfe6d842139a294c94aac122e51d7a5438ad8bf00f5098857a557a4f69f4b21bd08c9213d3458a7fb7c644c7fcb4806fb4f683941f7701cb131ffc2444aac314be88fb717c135bc7416390de4925d833e889362caefbaf1079656206acc5cfe424edc30e2cd7853223c505e3fefd28cc35c94c14742a912baee7f4197f680a91b69d496ea67b87cbd0c399
HasBasicConstraint              :   1
HasKeyUsage                     :   1
IsCa                            :   1
KeyUsage                        :   119 digitalSignature  nonRepudiation  keyEncipherment  keyAgreement  keyCertSign  cRLSign 
ExtendedKeyUsage                :   TLS Web Server Authentication, OCSP Signing, 
CDPUrl                          :   http://192.51.100.9:8080/ejbca/publicweb/webdist/certdist?cmd=crl=&=CN=ca
OCSPUrl                         :   

Display the online subject certificate:

Switch:1>show certificate cert-type online-subject-cert 

CERT table entry
Certificate Type                :   Online Subject Certificate
VersionNumber                   :   X.509 v3
SerialNumber                    :   18684a25b80768f9
IssuerName                      :   CN:ca, EM:, OU:, O:, L:, P:, C:
ValidityPeriodNotBefore         :   11/07/16 12:36:43
ValidityPeriodNotAfter          :   10/26/18 12:37:22
CertificateSignatureAlgorithm   :   sha256withRSAEncryption
CertificateSignature            :   6efc5c0fe4f054e9800b029a08b4d2b2f205692379a74818c6c57baba49a2efce1f622397d3b31aa81d55e2fb222610116e975900887d0e80d48718e080413c8d661a73503481a810f1559c97335a16bb53d1b08024fa6d568b156788670cf9d5cb34bdb10b1a8eb936869d4a2d2eeb96241865d685b018d0e094fea7b5a28f3e8d03c15e1bafe2ba7ce18aaaddc22b6928e597756067758412d283c187123fbedf55c252fabd22ee85cbe558aed6070db3aa8db117f923d6509d543895c7510843c77b2b438de10e8bea2b76375e27641a6e6aaffd2003b58802a5c3d1b91e5f5f2d5a68fea4a82c95745b954cc93924aa451458db1707594c871d14511e6cd
Subject                         :   CN:192.51.100.9, EM:test@mocana.com, OU:Engineering, O:Mocana, L:San Francisco, P:California, C:US
SubjectPublicKeyAlgorithm       :   rsaEncryption
SubjectPublicKey                :   00000000000000010000000102000000000301000100000100928124a0e780954494d384b15276bb6fc6b9a88bb200bae0f7e8b9ce5fbea7387eff897e571362028b4678a491cbc9e74a2f985807c8ca48c5300cd17f349d98055f1a6868cd24956efa80ffd9013ce448ab58f31ce6fa0aae1faf9b6b2347d046af754cac7deb75c55eea7c582824d3f4fff9632d7044b532657777824105c1fd62584276be63c940effe5e307de1fe38fc50727cfdb6799f3575e13451901ee16dbfcf7d18b6a78574f7230a90021b5b977571358871925239725044604e74edc4ee236243682bdb30541cc8369580177179c92bec6891473827dcecb3046cadd78530a3b7cb3aad5126a95daaae919f9355a232ad1611b897ac22a08b7ff7
HasBasicConstraint              :   1
HasKeyUsage                     :   1
IsCa                            :   0
KeyUsage                        :   117 digitalSignature  keyEncipherment  keyAgreement  keyCertSign  cRLSign 
ExtendedKeyUsage                :   TLS Web Server Authentication, OCSP Signing, 
CDPUrl                          :   http://192.51.100.9:8080/ejbca/publicweb/webdist/certdist?cmd=crl=&=CN=ca
OCSPUrl                         :   http://192.51.100.9:8080/ejbca/publicweb/status/ocsp
Status                          :   active
Installed                       :   1

Variable Definitions

The following table defines parameters for the show certificate command.

Variable

Value

cert-type default-tls-certificate

Displays the default TLS certificate (self-signed).

cert-type online-ca-cert

Specifies Certificate Authority's Certificate obtained online from Certificate Authority.

cert-type online-subject-cert

Specifies subject certificate obtained online from Certificate Authority.

cert-type offline-ca-cert

Specifies Certificate Authority's certificate obtained offline from Certificate Authority.

cert-type offline-subject-cert

Specifies subject certificate obtained offline from Certificate Authority.

cert-type intermediate-ca-cert [WORD<1-80>]

Specifies the intermediate certificate obtained offline from Certificate Authority.

cert-type root-ca-cert [WORD<1-80>]

Specifies root certificate obtained offline from Root Certificate Authority.

ca [WORD<1–45>]

Specifies name of the Certificate Authority.

If the name is not specified, the command displays the CA details of all configured CA.

Job aid

This section describes the fields in the output for the different show certificate commands.

The following table describes the fields in the output for the show certificate cert-type command

Parameter

Description

Certificate Type

Indicates the type of certificate.

  • Self-signed certificate

  • Root Certificate

  • Offline subject certificate

  • Online subject certificate

  • Intermediate CA certificate

  • Offline CA certificate

  • Online CA certificate

VersionNumber

Indicates the certificate version number for the subject as issued by the Certificate Authority.

SerialNumber

Indicates the certificate serial number for the subject as issued by the Certificate Authority.

IssuerName

Indicates the certificate issuer name for the subject as issued by the Certificate Authority.

ValidityPeriodNotBefore

Indicates the certificate validation period start date for the subject as issued by the Certificate Authority.

ValidityPeriodNotAfter

Indicates the certificate validation period last date for the subject as issued by the Certificate Authority.

CertificateSignatureAlgorithm

Indicates the algorithm used for the issuer's signature on the certificate for the subject as issued by the Certificate Authority.

CertificateSignature

Indicates the issuer's signature on the certificate for the subject as issued by the Certificate Authority.

Subject

Indicates the details of the subject on its certificate as issued by Certificate Authority.

SubjectPublicKeyAlgorithm

Indicates the algorithm used to generate the subject's public key for the certificate issued by the Certificate Authority.

SubjectPublicKey

Indicates the public key of the subject used for Certificate Signing Request.

HasBasicConstraint

Indicates whether certificate contains basic certificate constraint.

HasKeyUsage

Indicates whether certificate contains basic key usage constraint.

IsCa

Indicates if the certificate is a CA certificate or not.

KeyUsage

Indicates the purpose of the key used in the certificate. It is represented in the form of bits as follows:

  • bit 0 - digitalSignature

  • bit 1 - nonRepudiation

  • bit 2 - keyEncipherment

  • bit 3 - dataEncipherment

  • bit 4 - keyAgreement

  • bit 5 - keyCertSign

  • bit 6 - cRLSign

  • bit 7 - encipherOnly

  • bit 8 - decipherOnly

ExtendedKeyUsage

Indicates the purpose for which the key is used in addition to or in place of the basic purposes indicated in the key-usage field of the certificate.

CDPUrl

Indicates the CDP URL present in the Digital Certificate Extensions field.

OCSPUrl

Indicates the OCSP URL present in the Digital Certificate AIA field.

Status

Indicates the certificate status.

Installed

Indicates if the certificate is installed.

The following table describes the fields in the output for the show certificate ca command

Parameter

Description

Name

Indicates the user defined name referring to the Certificate Authority issuing the Digital Certificate.

CommonName

Indicates the Common Name of the Certificate Authority issuing the Digital Certificate.

KeyName

Indicates the generated key pair that was first associated with the CA trustpoint.

CaUrl

Indicates the URL of the Certificate Authority issuing the Digital Certificate.

UsePost

Indicates if the HTTP request type is URL or POST. Where, TRUE indicates EJBCA and FALSE indicates Win2012 CA.

SubjectCertValidityDays

Indicates number of days for which subject certificate is valid.

Action

Indicates the various actions that a Certificate Authority can take.

  • noop - No operation

  • caauth - Certificate Authority authentication

  • enroll - Certificate Enrolment Request

  • renew - Certificate Renew Request

  • remove - Removes the subject certificate obtained online from the Certificate Authority

  • install - Installs the subject certificate obtained online from the Cerificate Authority

  • generateCsr - Generates the Certificate Signing Request required to obtain the Offline Subject Certificate

LastActionStatus

Indicates the status of the last action.

  • none - No action is performed yet

  • success - Execution of the action triggered is completed successfully

  • failed - Execution of the action triggered has failed

  • inProgress - Execution of the action triggered is in progress

LastActionFailureReason

Indicates the reason of failure for the last action performed by the Certificate Authority.

The following table describes the fields in the output for the show certificate key-name command

Parameter

Description

Key Name

Indicates the name of the key-pair generated for the subject. It is an auto generated entity, generated as the combination of key-type and key-size.

Public Key Value

Indicates the public key of the subject used to the Certificate Signing Request.

The following table describes the fields in the output for the show certificate subject command

Parameter

Description

CommonName

Indicates the Common Name field of the subject sending the Certificate Signing Request (CSR ) to the Certificate Authority.

EmailAddress

Indicates the Email address of the subject sending the CSR to the Certificate Authority.

OrganizationalUnit

Indicates the Organizational Unit field of the subject sending the CSR to the Certificate Authority.

Organization

Indicates the Organization of the subject sending the CSR to the Certificate Authority.

Locality

Indicates the name of the Locality of the subject sending the CSR to the Certificate Authority.

Province

Indicates the Province name of the subject sending the CSR to the Certificate Authority.

Country

Indicates the name of the country of the subject sending the CSR to the Certificate Authority.