add certificate
add certificate "name_CERTIFICATE" SINGLE NSID # MKID "#"
add certificate "name_CERTIFICATE" SINGLE IKE "ike certspec" ...
add certificate "name_CERTIFICATE" GROUP "name_CERTIFICATE" ...
add certificate "name_CERTIFICATE" { "name_CERTIFICATE" ... }
add certificate "name_CERTIFICATE" { "name_CERTIFICATE" ... } " { "name_CERTIFICATE" }
For GROUP certificates, a space-separated list of name_CERTIFICATE entries is given in the first pair of braces (or after the GROUP keyword).
For IKE certificate groups, a list of name_CERTIFICATE entries may also be given in the second pair of braces. Like the Address object, this second list represents certificates (or criteria) which are to be excluded. Unlike Address group objects, only a top-level Certificate group may have a non-empty exclusion list.
Note -
Groups which intermix SKIP and IKE Certificates are not allowed.
The following field is optional for SINGLE entries and may be specified in any order after the certificate keyword:
LOCAL "name_SCREEN"
The following fields are optional and can be specified in any order after the certificate keyword:
SCREEN "name_SCREEN"
COMMENT "comment string"
- © 2010, Oracle Corporation and/or its affiliates