crypto ca enroll

Enrolls the trustpoint by generating the Certificate Signing Request (CSR) and exporting it to the remote certificate server.

Syntax

crypto ca enroll {trustpoint-name cert-type {commoncert | https | ssh-x509v3} common common-name country country-name state state-name locality locality-name organization org-name orgunit org-unit directory dir-name file file-name host host-address source-ip source-ip protocol {FTP | SCP} user user-name password password}

Parameters

trustpoint-name
Defines the name of the trustpoint you are enrolling. This name needs to be the same as that of the trustpoint created by the crypto ca trustpoint command. The string for the name cannot be left blank. The length of the string can range from 1 through 64 characters.
cert-type {commoncert | https | ssh-x509v3}
Indicates that the certificate is used for common, HTTPS, or SSH-x509v3 server authentication.
common common-name
Identifies the name used to connect to the device through HTTPS. Enter a Fully Qualified Domain Name (FQDN) or IP address. If a FQDN is used, you need to configure a domain name and name server on the device.
country country-name
Defines the two-letter country code for generating the CSR.
state state-name
Defines the state name for generating the CSR.
locality locality-name
Defines the locality name for generating the CSR.
organization org-name
Defines the organizational unit name for generating the CSR.
orgunit org-unit
Defines the name of the certification file.
directory dir-name
Defines the path of the directory to export the Certificate Signing Request.
file file-name
Defines the file name of the CSR.
host host-address
Specifies the host name or IP address of the remote certificate server.
source-ip source-ip
(SCP only) Specifies the source IP address to use in the header.
protocol {FTP | SCP}
Specifies the use of either FTP or SCP protocol for exporting the certification file.
user user-name
Defines the user name for the host server.
password password
Defines the password for the user name for the host server.
Note

As a security best practice, do not include the password on the command line. When it is omitted, the user is prompted for the password.

Modes

Privileged EXEC mode

Usage Guidelines

The trustpoint-name value must be the same as the name of the trustpoint created by the crypto ca trustpoint command.

Examples

Typical command example:

device# crypto ca enroll t1 cert-type https country US state CA locality SJ 
organization EXT orgunit SFI common myhost.extreme.com protocol SCP host 10.70.12.102 
user fvt directory /proj/crypto
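
The following Python check is an added example, not part of the original reference or of any vendor tooling. It parses a crypto ca enroll line (for instance from command-accounting logs) against the syntax on this page and flags the issues the parameter descriptions and the note imply. The function names, the case-insensitive protocol match, the FTP cleartext finding and the second sample line are assumptions of this example.

```python
import shlex

# Keywords from the syntax line on this page; each takes exactly one value.
KEYWORDS = {"cert-type", "common", "country", "state", "locality",
            "organization", "orgunit", "directory", "file", "host",
            "source-ip", "protocol", "user", "password"}
CERT_TYPES = {"commoncert", "https", "ssh-x509v3"}

def parse_enroll(line):
    """Return (trustpoint_name, {keyword: value}) for one command line."""
    tokens = shlex.split(line)
    if tokens and tokens[0].endswith("#"):   # drop a prompt such as "device#"
        tokens = tokens[1:]
    if tokens[:3] != ["crypto", "ca", "enroll"] or len(tokens) < 4:
        raise ValueError("not a crypto ca enroll command")
    rest, args = tokens[4:], {}
    for i in range(0, len(rest), 2):
        if rest[i] not in KEYWORDS or i + 1 == len(rest):
            raise ValueError("unknown keyword or missing value: " + rest[i])
        args[rest[i]] = rest[i + 1]
    return tokens[3], args

def audit_enroll(line):
    """Return findings (strings) for one command; an empty list means clean."""
    trustpoint, args = parse_enroll(line)
    protocol = args.get("protocol", "").upper()
    country = args.get("country")
    findings = []
    if not 1 <= len(trustpoint) <= 64:
        findings.append("trustpoint name must be 1 through 64 characters")
    if "cert-type" in args and args["cert-type"] not in CERT_TYPES:
        findings.append("cert-type must be commoncert, https or ssh-x509v3")
    if country is not None and not (len(country) == 2 and country.isalpha()):
        findings.append("country must be a two-letter code")
    if "password" in args:
        findings.append("password on the command line; omit it and use the prompt")
    if protocol == "FTP":
        findings.append("FTP sends the user name and password in cleartext; use SCP")
    if "source-ip" in args and protocol != "SCP":
        findings.append("source-ip applies to SCP only")
    return findings

PAGE_EXAMPLE = (  # the example from this page, joined onto one line
    "device# crypto ca enroll t1 cert-type https country US state CA locality SJ "
    "organization EXT orgunit SFI common myhost.extreme.com protocol SCP "
    "host 10.70.12.102 user fvt directory /proj/crypto")
CONSTRUCTED = (  # constructed sample; addresses and password are placeholders
    "device# crypto ca enroll t1 cert-type https country USA protocol FTP "
    "host 192.0.2.10 user fvt password Example123 source-ip 192.0.2.1")
```

Calling audit_enroll(PAGE_EXAMPLE) returns an empty list, while audit_enroll(CONSTRUCTED) returns one finding each for the country code, the inline password, FTP and the source-ip keyword.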