The following table summarizes crypto CMP policy configuration commands:
|
Description |
Command |
|---|---|
| ca-server |
Configures the CA server details |
| cert-key-size | Configures the size of the key associated with a certificate request |
| cert-renewal-timeout | Configures a certificate renewal timeout in days |
| cross-cert-validate | Enables validation of the cross certificate with the factory certificate |
| hash-algorithm | Configures the hashing algorithm to be used by the CA to sign the digital certificate. This information is sent in the request for certification (new or renewal) to the CA server. |
| subjectAltName | Configures an alternate subject name for this CMP policy |
| trustpoint |
Configures a trustpoint and its associated information, such as the subject name, the sender‘s (device requesting certification) details, and the recipient's (CA) details |
| use |
Associates a device‘s autogen-uniqueid with this crypto CMP policy |
| no |
Removes the crypto CMP policy settings |
Note
The input parameter <HOSTNAME>, wherever used in syntaxes across this chapter, cannot include an underscore (_) character. In other words, the name of a device cannot contain an underscore.Note
For more information on common commands (clrscr, commit, help, revert, service, show, write, and exit), see Common Commands.