ZyXEL Communications 4.04 ユーザーズマニュアル
Chapter 8 Certificates Commands
ZyWALL (ZyNOS) CLI Reference Guide
57
certificates my_cert create
cmp_enroll <name> <ca-address>
<ca-cert> <auth-key> <subject>
[key-length]
Creates a certificate request and enroll for a certificate
immediately online using CMP protocol.
immediately online using CMP protocol.
R+B
certificates my_cert create
request <name> <subject> [key-
length]
Creates a certificate request and saves it on the ZyWALL for later
manual enrollment.
manual enrollment.
R+B
certificates my_cert create
self_signed <name> <subject>
<key-length> [validity-period]
Creates a self-signed local host certificate.
key-length
: specifies the key size. Valid options are 0, 512,
768, 1024, 1536 and 2048 bits. 0 applies the default value of
1024.
1024.
validity-period
: specifies the validity period in years. Valid
range is 1~30. The default is 3.
R+B
certificates my_cert
def_selfsigned [name]
Sets the specified self-signed certificate as the default self-signed
certificate. If you do not specify a name, the name of the current
self-signed certificate displays.
certificate. If you do not specify a name, the name of the current
self-signed certificate displays.
R+B
certificates my_cert delete
<name>
Removes the specified local host certificate.
R+B
certificates my_cert export
<name>
Exports the PEM-encoded certificate to your CLI session window
for you to copy and paste.
for you to copy and paste.
R+B
certificates my_cert
http_import <url> <name>
[proxy-url]
Imports the specified certificate file from the specified remote web
server as the device’s own certificate. The certificate file must be
in one of the following formats: 1) Binary X.509, 2) PEM-encoded
X.509, 3) Binary PKCS#7, and 4) PEM-encoded PKCS#7.
A certification request corresponding to the imported certificate
must already exist. The certification request is automatically
deleted after the importation.
server as the device’s own certificate. The certificate file must be
in one of the following formats: 1) Binary X.509, 2) PEM-encoded
X.509, 3) Binary PKCS#7, and 4) PEM-encoded PKCS#7.
A certification request corresponding to the imported certificate
must already exist. The certification request is automatically
deleted after the importation.
R+B
certificates my_cert import
[name]
Imports the PEM-encoded certificate from your CLI session. A
corresponding certification request must already exist on the
ZyWALL. The certification request is automatically deleted after
the importation. The name is optional, if you do not specify one,
the certificate adopts the name of the certification request. After
you enter the command, copy and paste the PEM-encoded
certificate into your CLI session window. With some terminal
emulation software you may need to move your mouse around to
get the transfer going.
corresponding certification request must already exist on the
ZyWALL. The certification request is automatically deleted after
the importation. The name is optional, if you do not specify one,
the certificate adopts the name of the certification request. After
you enter the command, copy and paste the PEM-encoded
certificate into your CLI session window. With some terminal
emulation software you may need to move your mouse around to
get the transfer going.
R+B
certificates my_cert list
Displays all my certificate names and basic information.
R+B
certificates my_cert poll_req
<name>
Queries an SCEP server about a certification request that is
pending in an SCEP server's queue.
pending in an SCEP server's queue.
R+B
certificates my_cert rename
<old-name> <new-name>
Renames the specified my certificate.
R+B
certificates my_cert
replace_factory
Creates a certificate using your device MAC address that is
specific to this device. The factory default certificate is a common
default certificate for all ZyWALL models.
specific to this device. The factory default certificate is a common
default certificate for all ZyWALL models.
R+B
certificates my_cert verify
<name> [timeout]
Has the ZyWALL verify the certification path of the specified local
host certificate.
host certificate.
R+B
certificates my_cert view
<name>
Displays information about the specified local host certificate.
R+B
certificates remote_trusted
delete <name>
Removes the specified trusted remote host certificate.
R+B
Table 24 Certificates Commands (continued)
COMMAND
DESCRIPTION
M