Cisco Cisco Packet Data Interworking Function (PDIF)
IPSec Certificates
▀ Certificate Management Protocol (CMPv2)
▄ IPSec Reference, StarOS Release 16
120
cmp update current-cert
Triggers a Key Update Request after generating a public and private key pair, as well an X.509 certificate to be included
in the Key Update Request for a certificate that is about to expire. This is a Certificate Management Protocol v2
command.
in the Key Update Request for a certificate that is about to expire. This is a Certificate Management Protocol v2
command.
cmp update current-cert old-cert-name modulus mod_type ca-root ca_name ca-url url
Refer to the Command Line Interface Reference for a complete description of this command and its keywords.
cmp fetch current-cert -name
This command is only applicable for the ASR 9000 platform. CMPv2 operations are performed only on one Virtual
Services Module (VSM) in the chassis. The certificates along with the private key file and the root certificate are stored
on the supervisor card. When invoked on other VSMs in the chassis, this command reads the certificate, private key and
the root certificate from the supervisor card.
Services Module (VSM) in the chassis. The certificates along with the private key file and the root certificate are stored
on the supervisor card. When invoked on other VSMs in the chassis, this command reads the certificate, private key and
the root certificate from the supervisor card.
cmp fetch current-cert old-cert-name ca-root ca_name
Refer to the Command Line Interface Reference for a complete description of this command and its keywords.
cmp poll cert-name
Triggers a pollReq for the specified certificate.
cmp poll current-cert old-cert-name
Global Configuration Mode Commands
cmp auto-fetch
Use this command to add a fetch configuration for each certificate for which automatic update is required. This is a
Certificate Management Protocol v2 command.
Certificate Management Protocol v2 command.
cmp auto-fetch current-name cert_name ca-root ca_name time days
Refer to the Command Line Interface Reference for a complete description of this command and its keywords.
cmp cert-store location
Use this command to add a file location on /flash disk where the certificates and private keys will be stored. This is a
Certificate Management Protocol v2 command.
Certificate Management Protocol v2 command.
cmp cert-store location pathname [key reuse]
Refer to the Command Line Interface Reference for a complete description of this command and its keywords.
cmp cert-trap time
Defines when an SNMP MIB certificate expiry trap should be sent as the number of hours before expiration.
cmp cert-trap time hours