Cisco Cisco ASR 5000
Exec Mode Commands (A-C)
cmp enroll current-cert ▀
Command Line Interface Reference, StarOS Release 18 ▄
4029
cmp enroll current-cert
Triggers a Certification Request (CR) after generating a public and private key pair, as well as an X.509 certificate to be
included in the CR for a second certificate from the same Certificate Authority (CA). This is a Certificate Management
Protocol v2 command.
included in the CR for a second certificate from the same Certificate Authority (CA). This is a Certificate Management
Protocol v2 command.
Product
All products supporting IPSec CMPv2 features
Important:
This command appears in the CLI for this release. However, it has not been qualified for use with
any current Cisco StarOS gateway products.
Privilege
Security Administrator
Mode
Exec
The following prompt is displayed in the Exec mode:
[local]host_name#
Syntax
cmp enroll current-cert old-cert-name modulus mod_type subject-name “subject_string”
cert-name name ca-root ca_name ca-url url
cert-name name ca-root ca_name ca-url url
current-cert
old-cert-name
Specifies a valid security gateway certificate as an alphanumeric string of 1 through 129 characters.
modulus
mod_type
Specifies the modulus of the generated certificate.
mod_type
is one of the following integers: 1024, 2048,
4096 or 512.
subject-name
“subject_string”
Specifies the subject string of the certificate in double quotation marks.
“subject_string”
is an
alphanumeric string of 1 through 256 characters.
cert-name
name
Specifies the name of the newly obtained certificate which also serves as the fileame to be stored on /flash
disk.
disk.
name
is an alphanumeric string of 1 through 129 characters.
ca-root
ca_name
Specifies the root certificate of the CA server..
ca_name
is an alphanumeric string of 1 through 129
characters.