Cisco Cisco Packet Data Interworking Function (PDIF) Prospecto
Global Configuration Mode Commands (A-K)
ca-certificate ▀
Cisco ASR 5x00 Command Line Interface Reference ▄
5025
ca-certificate
Configures and selects an X.509 CA certificate to enable a security gateway or SCM to perform certificate-based peer
(client) authentication. The system supports a maximum of 16 certificates and 16 CA root certificates. A maximum of
four CA root certificates can be bound to a crypto or ssl template.
(client) authentication. The system supports a maximum of 16 certificates and 16 CA root certificates. A maximum of
four CA root certificates can be bound to a crypto or ssl template.
Product
All IPSec-related products
Privilege
Administrator, Security Administrator, Operator
Mode
Exec > Global Configuration
configure
Entering the above command sequence results in the following prompt:
[local]host_name(config)#
Syntax
ca-certificate name name { der url url | pem { data pemdata | url url [ cert-enc ] [
cert-hash-url url url ] } }
cert-hash-url url url ] } }
no ca-certificate name name
no
Disables ca-certificate.
name name
Names the CA certificate.
name
must be an alphanumeric string of 1 through 128 characters.
der url
Specifies that the der format is to be used.
url
is the url of the file containing certificate in der format.
url
must be an existing URL expressed in one
of the following formats:
[file:]{/flash | /pcmcia1 | /hd-raid}[/directory]/<filename
tftp://<host>[:<port>][/<directory>]/<filename
ftp://[<username>[:<password>]@]<host>[:<port>][/<directory>]/<filename
sftp://[<username>[:<password>]@]<host>[:<port>][/<directory>]/<filename
http://[<username>[:<password>]@]<host>[:<port>][/<directory>]/<filename
pem
Specifies that the Privacy-enhanced Electronic Mail (PEM) format is to be used.
data pemdata
CA certificate data in PEM format.
pemdata
must be an alphanumeric string of 1 through 4095 characters.