3com MSR 20-20 참조 매뉴얼
2062
C
HAPTER
134: PKI C
ONFIGURATION
C
OMMANDS
pki validate-certificate
Syntax
pki validate-certificate { ca | local } domain domain-name
View
System view
Parameter
ca: Validates the CA certificate.
local: Validate the local certificate.
domain-name: Name of the PKI domain the certificate to be validated is for, a
string of 1 to 15 characters.
string of 1 to 15 characters.
Description
Use the pki validate-certificate command to verify the validity of a certificate.
The focus of certificate validity verification is to check that the certificate is signed
by the CA and that the certificate has neither expired nor been revoked.
by the CA and that the certificate has neither expired nor been revoked.
Related command:
Example
# Verify the validity of the local certificate.
<Sysname> system-view
[Sysname] pki validate-certificate domain 1
root-certificate fingerprint
Syntax
root-certificate fingerprint { md5 | sha1 } string
undo root-certificate fingerprint
View
PKI domain view
Parameter
md5: Uses an MD5 fingerprint.
sha1: Use a SHA1 fingerprint.
string: Fingerprint to be used. An MD5 fingerprint must be a string of 32
characters in hexadecimal. A SHA1 fingerprint must be a string of 40 characters in
hexadecimal.
characters in hexadecimal. A SHA1 fingerprint must be a string of 40 characters in
hexadecimal.
Description
Use the root-certificate fingerprint command to configure the fingerprint to
be used for validating the CA root certificate.
be used for validating the CA root certificate.
Use the undo root-certificate fingerprint command to remove the
configuration.
configuration.
By default, no fingerprint is configured for validating the CA root certificate.