Manually submitting an online certificate request
About manual online certificate request mode
In manual request mode, you must execute the pki request-certificate domain command to request a local certificate in a PKI domain. The certificate will be saved in the domain after it is obtained from the CA.
Procedure
Enter system view.
system-view
Enter PKI domain view.
pki domain domain-name
Set the certificate request mode to manual.
certificate request mode manual
By default, the manual request mode applies.
Return to system view.
quit
Obtain a CA certificate.
See "Obtaining certificates."
This step is required if the PKI domain does not have a CA certificate. The CA certificate is used to verify the authenticity and validity of the obtained local certificate.
Manually submit an SCEP certificate request.
pki request-certificate domain domain-name [ password password ]
This command is not saved in the configuration file.
If the CA policy requires a password for certificate revocation, specify the password in this command.