Configures a certificate renewal timeout in days. This is the number of days, before the expiration of the device‘s certificate, that a certificate renewal is triggered.
The expiration of device‘s certificate is checked once a day. When a certificate is about to expire a certificate renewal is initiated with the dedicated CMP CA server resource through an existing IPSec tunnel. If the tunnel is not established, the CMP renewal request is not sent. If a renewal succeeds the newly obtained certificate overwrites an existing certificate. If the renewal fails, an error is logged.
cert-renewal-timeout <1-60>
cert-renewal-timeout <1-60>
cert-renewal-timeout <1-60> | Configures the certificate renewal timeout in days. This
is the number of days, before the expiration of the device‘s certificate, that a
certificate renewal is triggered. Once the configured time is completed, the device
triggers a certificate renewal request.
|
ap505-D8273A(config-cmp-policy-CMP)#cert-renewal-timeout 60
ap505-D8273A(config-cmp-policy-CMP)#show context crypto-cmp-policy CMP cert-renewal-timeout 60 ca-server primary host 192.168.8.74 port 8 path cmp ap505-D8273A(config-cmp-policy-CMP)#
no | Reverts the certificate renewal timeout to default (14 days) |