Create and enroll a self-signed certificate

Creates and enrolls a self-signed local certificate. Including the subject will override the configured identity profile.

Syntax


crypto pki enroll-self-signed certificate-name CERT-NAME [subject [command-name <CN-Value>] 
[org <Org-Value>] [org-unit <Org-unit-value>] [locality <Location-Value>] 
[state <state-Value>] [country <Country-Code>] [valid-start <date> valid-end <date>] 
[usage <openflow | web | all | captive-portal | syslog | radsec-client>]
[key-type rsa key-size <1024|2048>] [key-type ecdsa curve <256|384>]

Parameters

profile-name

A name (maximum 100 characters) with a unique identifier for the Trust Anchor Profile. Ten TA profiles are supported: one for each allowed trust anchor (Root CA certificate.)

usage

When usage is set to all, it includes OpenFlow and web applications, as well as other applications such as syslog.

rsa

Uses the RSA key. You must specify the size of the key, key-size. Default is 1024.

ecdsa

Uses the ECDSA key. You must specify the elliptic curve size, curve. Default is 256.