Exporting certificates


IMPORTANT:

To export all certificates in the PKCS12 format, the PKI domain must have a minimum of one local certificate. Otherwise, the certificates in the PKI domain cannot be exported.


You can export the CA certificate and the local certificates in a PKI domain to certificate files. The exported certificate files can then be imported back to the device or other PKI applications.

When you export a local certificate with the RSA key pair, the name of the target file might not be the same as specified in the command. It depends on the purpose of the key pair of the certificate.

To export certificates:

1. Enter system view.

  Command: system-view

  Remarks: N/A

2. Export certificates.

  Command:

  • Export certificates in DER format: pki export domain domain-name der { all | ca | local } filename filename

  • Export certificates in PKCS12 format: pki export domain domain-name p12 { all | local } passphrase p12passwordstring filename filename

  • Export certificates in PEM format: pki export domain domain-name pem { { all | local } [ { 3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc } pempasswordstring ] | ca } [ filename filename ]

  Remarks: If you do not specify a file name when you export a certificate in PEM format, the certificate is displayed on the terminal.
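The following Python check is an added example, not part of the original documentation: run over a file produced by the PEM export, it reports whether each private key block was written encrypted and with which cipher. It assumes the export uses OpenSSL-style PEM encapsulation (the page does not show the file layout); the name audit_pem, the ratings, and the sample text are constructed for illustration.

```python
import re

# Rating per DEK-Info cipher name (OpenSSL spelling of the command's keywords).
# The ratings are this example's assumption, not the vendor's.
RATING = {"DES-CBC": "weak", "DES-EDE3-CBC": "legacy", "AES-128-CBC": "ok",
          "AES-192-CBC": "ok", "AES-256-CBC": "ok"}
BLOCK_RE = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

def audit_pem(text):
    """Return (label, status) for each private-key block in a PEM export."""
    findings = []
    for label, body in BLOCK_RE.findall(text):
        if "PRIVATE KEY" not in label:
            continue  # certificate blocks hold no secret material
        if label == "ENCRYPTED PRIVATE KEY":
            # PKCS#8 form: the cipher is inside the DER body, not a header
            findings.append((label, "encrypted-pkcs8"))
            continue
        dek = re.search(r"^DEK-Info:\s*([A-Za-z0-9-]+),", body, re.M)
        if "Proc-Type: 4,ENCRYPTED" in body and dek:
            cipher = dek.group(1).upper()
            findings.append((label, f"{RATING.get(cipher, 'unknown')}:{cipher}"))
        else:
            findings.append((label, "plaintext"))  # no encryption headers present
    return findings

# Constructed sample, not real key material: one certificate, one key block
# encrypted with des-cbc, and one key block with no encryption headers.
SAMPLE = """-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQ=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,0123456789ABCDEF

Q09OU1RSVUNURUQ=
-----END RSA PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
Q09OU1RSVUNURUQ=
-----END RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    for label, status in audit_pem(SAMPLE):
        print(f"{label}: {status}")
```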