Oracle® ZFS Storage Appliance Administration Guide, Release 2013.1.5.0


Updated: February 2016
 
 

How to Create a New Certificate (CLI)

To create a new certificate, use the following procedure.

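  1. To create a new CSR, enter the context configuration services identity certificates, and then enter the command create.

    Alternatively, to create a new CSR based on an existing CSR or certificate, enter the context above, and then enter the command clone followed by the CSR or certificate number. For example: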

    hostname:configuration services identity certificates> clone cert-000
  2. To complete the CSR form, use the following CLI commands.
    hostname:configuration services identity cert (uncommitted)> get
                     subject_commonname = hostname.us.example.com
               subject_organizationname = (unset)
         subject_organizationalunitname = (unset)
                   subject_localityname = (unset)
            subject_stateorprovincename = (unset)
                    subject_countryname = (unset)
                   subject_emailaddress = (unset)
                                    dns = hostname.us.example.com
                                     ip = 192.0.2.1
                                    uri = (unset)
                                comment = (unset)
    hostname:configuration services identity cert (uncommitted)> set comment="test certificate"
                                comment = test certificate (uncommitted)
    hostname:configuration services identity cert (uncommitted)> commit
  3. To view the CSR, use the following CLI commands.
    hostname:configuration services identity certificates> show
    Properties:
                    default = auto
    Certificates:
    CERT     TYPE FOR                       ISSUER                    EXPIRES   
    cert-000 req  hostname.us.example.com     
    cert-001 CA   Joe Test CA              Joe Test CA               2015-1-2
    cert-002 cert hostname.us.example.com  Joe Test CA               2015-12-3 
    hostname:configuration services identity certificates> dump cert-000
    -----BEGIN CERTIFICATE REQUEST-----
    MIICwzCCAasCAQIwIjEgMB4GA1UEAxMXaG9zdG5hbWUudXMuZXhhbXBsZS5jb20w
    ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU4ErPuRrVfy21K2qyfgY9
    P4bSXMlZxP48HKI/jVuS4MNeVHCL3TILvuixXx217qjacCkiIKDG5z1TFIApt2Ee
    4rU7PC1YgYw8HAHDq+GJbSV2CWlVC78muNFntSuzsFAljdTr/f/5qQdQwfxvJ+Oi
    a4JU03mTn2eUP75EA9ASEmGWH/V3bnWdzuOuc/LFuXRSmb3WOgwYrIeHk6mcJzEE
    zZtLIF9KQQzSisu4m2JjcScta0YSWIC0TPOwar5Gc8vIoIC7gJahw4/WvZAFNZ/8
    c/nVBs4/hXhyGMDSII0yULI03U8jJN3GgssW+4C0KmcgQJMzWJ2Cax4GsSuu8MDh
    AgMBAAGgXDBaBgkqhkiG9w0BCQ4xTTBLMB8GCWCGSAGG+EIBDQQSFhB0ZXN0IGNl
    cnRpZmljYXRlMCgGA1UdEQQhMB+CF2hvc3RuYW1lLnVzLmV4YW1wbGUuY29thwTA
    AAIBMA0GCSqGSIb3DQEBCwUAA4IBAQByGSGrS/DoStsAYyYCYu6y4TN5i903ASlW
    m9+CXXbNj6XYXgWssqDOvJOnW/TGoGHN3f3741Xgbf6snFQ3T1MN9Dm6rcZ95tOM
    PlxfVY9ar8WyGSE8ttunxPDjNbBRoK0aR7qMq5JMH0rKS9Iuz9WghiaGLw7WBalN
    akCjxFS8yh5sVqF9zAqoa0ObuXnQ3kfTDVzYvroy2yummBfxrJB5t35bbTqZNT/f
    bRoSMtroHL+iWBx1zK+A7OS5/+ZuoW8PqpHRkf0/j7Y9Jz1tfhTVyu1bbxE6ZyLD
    lhwblMXqR/3xptwym1vy5dYBJsQLKroA8nr/xFb3nhJB8nI+dxSN
    -----END CERTIFICATE REQUEST-----
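  4. Copy the CSR and transmit it to your CA in the prescribed manner.
  5. After receiving the signed certificate from the CA, enter the context configuration services identity certificates, and then enter the command import.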
    hostname:configuration services identity certificates> import
    ("." to end)> -----BEGIN CERTIFICATE-----
    ("." to end)> MIID0DCCArigAwIBAgIBQDANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx
    ("." to end)> EzARBgNVBAgMCkNhbGlmb3JuaWExFDASBgNVBAcMC0xvcyBBbmdlbGVzMQ8wDQYD
    ("." to end)> VQQKDAZPcmFjbGUxEDAOBgNVBAsMB1N5c3RlbXMxFDASBgNVBAMMC0pvZSBUZXN0
    ("." to end)> IENBMSUwIwYJKoZIhvcNAQkBFhZGaXJzdC5MYXN0QGV4YW1wbGUuY29tMB4XDTE0
    ("." to end)> MTIwNDAwMzEzM1oXDTE1MTIwNDAwMzEzM1owIjEgMB4GA1UEAxMXaG9zdG5hbWUu
    ("." to end)> dXMuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU
    ("." to end)> 4ErPuRrVfy21K2qyfgY9P4bSXMlZxP48HKI/jVuS4MNeVHCL3TILvuixXx217qja
    ("." to end)> cCkiIKDG5z1TFIApt2Ee4rU7PC1YgYw8HAHDq+GJbSV2CWlVC78muNFntSuzsFAl
    ("." to end)> jdTr/f/5qQdQwfxvJ+Oia4JU03mTn2eUP75EA9ASEmGWH/V3bnWdzuOuc/LFuXRS
    ("." to end)> mb3WOgwYrIeHk6mcJzEEzZtLIF9KQQzSisu4m2JjcScta0YSWIC0TPOwar5Gc8vI
    ("." to end)> oIC7gJahw4/WvZAFNZ/8c/nVBs4/hXhyGMDSII0yULI03U8jJN3GgssW+4C0Kmcg
    ("." to end)> QJMzWJ2Cax4GsSuu8MDhAgMBAAGjgZkwgZYwCQYDVR0TBAIwADAdBgNVHQ4EFgQU
    ("." to end)> aB36PqLQLE0+q9Au7PoefvdSnvkwHwYDVR0jBBgwFoAUzD6A5miqxSmbDEtBAI4u
    ("." to end)> LUPMZU8wHwYJYIZIAYb4QgENBBIWEHRlc3QgY2VydGlmaWNhdGUwKAYDVR0RBCEw
    ("." to end)> H4IXaG9zdG5hbWUudXMuZXhhbXBsZS5jb22HBMAAAgEwDQYJKoZIhvcNAQEFBQAD
    ("." to end)> ggEBAFAmjiCrhnTaulpDCU0H9mFLee7Tft0lvCOh1G1Y33sjwWwVgy0F5A3ymrdG
    ("." to end)> enQgEGdl+CzoxL2qM0bpp7Qk/DdEcYdCydpOhfyg18S6mRwaFDvBidZZ+PRR7zo5
    ("." to end)> hGFu+eLPddeAq0jqOtlhnlkTESSyseUk5PCv5Px5xTtIHRg2bcb5VtUCu0iW2hDT
    ("." to end)> vyPtjqb0aP6eTuWzDZaM9YWQ5BfIcU6hO+zSWHywhCsDs4S62vh8hYozVf66mgsp
    ("." to end)> vaGPnv01xBigK+FcPi9PzomHwv+5UKDBOm6QOKkHOdO908jFxxCC1SYw6G/Cjl+g
    ("." to end)> 2ai9ZwREdTkcjcgQDxeHNZCpcHk=
    ("." to end)> -----END CERTIFICATE-----
    ("." to end)> .
  6. To check the imported certificate, use the command show to view all certificate entries.
    hostname:configuration services identity certificates> show
    Properties:
                    default = auto
    Certificates:
    CERT     TYPE FOR                       ISSUER                    EXPIRES   
    cert-000 req  hostname.us.example.com  Joe Test CA               2015-12-4
    cert-001 CA   Joe Test CA              Joe Test CA               2015-1-2
    cert-002 cert hostname.us.example.com  Joe Test CA               2015-12-3
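
The listings in steps 3 and 6 can be checked mechanically. The following is an added example, not part of Oracle's guide: a Python script that parses captured show output and flags CSRs still waiting for a signed certificate, as well as certificates that have expired or will expire soon. The function names, the 30-day threshold, and the assumption that columns are separated by at least two spaces are the example's own.

```python
import re
from datetime import date

# Sample listing in the format of step 3 (values taken from that step).
SHOW_OUTPUT = """\
CERT     TYPE FOR                       ISSUER                    EXPIRES
cert-000 req  hostname.us.example.com
cert-001 CA   Joe Test CA              Joe Test CA               2015-1-2
cert-002 cert hostname.us.example.com  Joe Test CA               2015-12-3
"""

ROW = re.compile(r"^(cert-\d+)\s+(\S+)\s*(.*)$")


def parse_show(text):
    """Return one dict per certificate row of a captured show listing."""
    entries = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header, Properties block, prompt lines
        # FOR and ISSUER may contain single spaces ("Joe Test CA"), so the
        # remaining columns are split on runs of two or more spaces
        # (assumption about the layout, see lead-in).
        rest = re.split(r"\s{2,}", m.group(3).strip())
        rest += [None] * (3 - len(rest))
        expires = None
        if rest[2]:
            y, mo, d = (int(p) for p in rest[2].split("-"))  # e.g. 2015-1-2
            expires = date(y, mo, d)
        entries.append({"id": m.group(1), "type": m.group(2), "for": rest[0],
                        "issuer": rest[1], "expires": expires})
    return entries


def audit(entries, today, warn_days=30):
    """Return (cert id, finding) pairs for rows that need attention."""
    findings = []
    for e in entries:
        if e["type"] == "req" and e["expires"] is None:
            findings.append((e["id"], "pending-csr"))  # not yet signed/imported
        elif e["expires"] is not None:
            left = (e["expires"] - today).days
            if left < 0:
                findings.append((e["id"], "expired"))
            elif left <= warn_days:
                findings.append((e["id"], "expires-soon"))
    return findings


if __name__ == "__main__":
    for cert_id, finding in audit(parse_show(SHOW_OUTPUT), date(2015, 1, 1)):
        print(cert_id, finding)
```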