Cisco Cisco Packet Data Gateway (PDG)
cmp enroll current-cert
Triggers a Certification Request (CR) after generating a public and private key pair, as well as an X.509
certificate to be included in the CR for a second certificate from the same Certificate Authority (CA). This is
a Certificate Management Protocol v2 command.
certificate to be included in the CR for a second certificate from the same Certificate Authority (CA). This is
a Certificate Management Protocol v2 command.
Product
All products supporting IPSec CMPv2 features
This command appears in the CLI for this release. However, it has not been qualified for use with any
current Cisco StarOS gateway products.
current Cisco StarOS gateway products.
Important
Privilege
Security Administrator
Command Modes
Exec
The following prompt is displayed in the Exec mode:
[local]
host_name
#
Syntax Description
cmp enroll current-cert old-cert-name modulus mod_type subject-name "subject_string" cert-name
name ca-root ca_name ca-url url
name ca-root ca_name ca-url url
current-cert old-cert-name
Specifies a valid security gateway certificate as an alphanumeric string of 1 through 129 characters.
modulus mod_type
Specifies the modulus of the generated certificate. mod_type is one of the following integers: 1024, 2048,
4096 or 512.
4096 or 512.
subject-name "subject_string"
Specifies the subject string of the certificate in double quotation marks. "subject_string" is an alphanumeric
string of 1 through 256 characters.
string of 1 through 256 characters.
cert-name name
Specifies the name of the newly obtained certificate which also serves as the fileame to be stored on /flash
disk. name is an alphanumeric string of 1 through 129 characters.
disk. name is an alphanumeric string of 1 through 129 characters.
Command Line Interface Reference, Modes E - F, StarOS Release 19
458
Exec Mode Commands (A-C)
cmp enroll current-cert