Switch identity profile

The switch can have multiple certificates using the same base identity but with different protocol usage. This profile captures the common identity data for use in multiple certificates. The switch identity profile is a configuration aid that configures default values used when creating multiple certificates. This profile is not used for any other purpose and is therefore optional. The user can enter both subject information and one or more IP addresses when creating an Identity Profile. There is no constraint to have either subject or IP addresses, they are not mutually exclusive although at least one must be present.

Syntax:

(config)# [no] crypto pki [identity-profile][profile-name] subject[CommonName <cn-value>] [Org <org-value> ] [OrgUnit <org-unit value>] [Locality <location-value>] [State <state-value>] [Country <country-code>]

Subject fields

If the certificate subject fields are not provided on the command line, they are interactively prompted as follows:

identity-profile

Creates an identity profile.

profile-name

Specify the Switch Id Profile name.

cn-value

Common Name (CN) – must be present, max length 90.

org-value

Organization Name (O) – preferred, max length 100.

org-unit value

Organizational Unit Name (OU) – preferred, max length 100.

location-value

Locality (L) – optional, max length 100.

state-value

State (ST) – optional, max length 100.

country-code

To specify the two letter ISO 3166-1 country code. Max length 2.