Configures the primary and secondary CMP CA server details.
The CA is an external network authority (usually a trusted third-party server) that generates and issues digital certificates in response to requests received from network devices. Use this command to configure the primary and secondary CA server details, such as name of the device hosting the CA server, the port used to access the CA server, and the path where the certificate is stored. Once defined, devices using this CMP policy automatically send requests to the specified primary CA server, and retrieve the certificate from the specified location. If the primary CA server is not reachable, the requests are sent to the secondary CA server.
ca-server [primary|secondary] host <IP> port <1-65535> path <PATH>
ca-server [primary|secondary] host <IP> port <1-65535> path <PATH>
ca-server [primary|secondary] | Configures the primary and secondary CMP CA
server details (IPv4 address, port, and path)
The secondary CMP CA is used in case the primary CA server is not reachable. CA server settings are required to complete CMP requests. |
host <IP> |
Configures IP address or hostname of the device hosting the CA server
|
port <PORT-NUMBER> |
Configures IPv4 address of the device hosting the
primary/secondary CA server
|
port <1-65535> | Configures the port on which the
primary/secondary CA server can be reached
|
path <PATH> |
Configures the path or filename of the
primary/secondary CMP CA certificate. Enter the complete relative path to
the file on the server.
|
ap505-D8273A(config-cmp-policy-CMP)#ca-server primary host 192.168.8.74 port 8 path cmp
ap505-D8273A(config-cmp-policy-CMP)#show context crypto-cmp-policy CMP ca-server primary host 192.168.8.74 port 80 path cmp ap505-D8273A(config-cmp-policy-CMP)#
no | Removes the configured primary/secondary CA server details |