Use this command to generate a certificate signing request and private key for the named topology. The gen-certreq command is available from the topology:<named-topology>:l3 context of the CLI.
| cn | Common name that you want to assign to the controller interfaces. This is a mandatory parameter. If the common name is an IPv6 address, a [] is needed around the IPv6 address (see example, below). |
| location | Keyword indicating that the next three parameters specify the location where the controller is operating. |
| country | The name of the country where the controller is located. You must use the two-letter ISO abbreviation for the country. |
| state | The name of the state or province where the controller is located. |
| city | The name of the city where the controller is located. |
| organization | Keyword indicating that the next two parameters specify the name of the organization to which the controller belongs. |
| name | Organization name. |
| unit | Organization unit name. |
| Key word that identifies the following parameter as an email address. | |
| email_addr | Email address. |
| ipv6 | Specifies that the certificate supports IPv6 addressing. |
| key-size | Specifies that the certificate supports key size. Valid key size values are 1024 or 2048. |
If a DNS name is used as the common name, a DNS lookup is performed. If the DNS name is not found, a warning is displayed.
Once the CSR file has been created, you can copy it to an FTP or SCP server using the command copy-csr. You can apply the certificate with the command cert.
The following example shows a certificate request with a common name that is an IPv6 address: EWC.extremenetworks.com:ap:topology:Seg1_Routed:l3# gen_certreq [fd66:2280:2668::12] location CA Ontario Mississauga organization mnj_Ware_House Service email me@email.com ipv6 key-size 2048
Print
this page
Email this topic
Feedback
View PDF
Download EPUB