Create a certificate signing request
Creates a certificate signing request on the switch. Including the subject will override the configured identify profile.
Syntax
crypto pki create-csr certificate-name CERT-NAME
ta-profile Profile-Name
[usage <openflow | web | all>][key-type rsa key-size <1024|2048>] [key-type ecdsa curve <256|384>] [subject [command-name CN-Value
] [org Org-Value
] [org-unit Org-unit-value
] [locality Location-Value
] [state state-Value
] [countryCountry-Code
]] [valid-start date
valid-end date
]
Definitions
profile-name
|
A name (maximum 100 characters) with a unique identifier for the Trust Anchor Profile. Ten TA profiles are supported: one for each allowed trust anchor (Root CA certificate.)
|
usage
|
When usage is set to all , it includes the OpenFlow and web applications, as well as other applications such syslog.
|
Options
rsa
|
Uses the RSA key. You must specify the size of the key, key-size . Default is 1024.
|
ecdsa
|
Uses the ECDSA key. You must specify the elliptic curve size, curve . Default is 256.
|
|
|
NOTE: Attempting to install a CA signed ecdsa 256/384 bit certificate fails with an error similar to Invalid certificate .
|
|
|
|