要创建新的服务器证书,请使用以下步骤。
或者,要基于现有 CSR 或证书创建新 CSR,请进入以上上下文,然后输入命令 clone CSR or certificate number。例如:
hostname:configuration settings certificates system> clone cert-000
hostname:configuration settings certificates system (uncommitted)> get subject_commonname = hostname.us.example.com subject_organizationname = (unset) subject_organizationalunitname = (unset) subject_localityname = (unset) subject_stateorprovincename = (unset) subject_countryname = (unset) subject_emailaddress = (unset) dns = hostname.us.example.com ip = 192.0.2.1 uri = (unset) comment = (unset) hostname:configuration settings certificates system (uncommitted)> set comment="test certificate" comment = test certificate (uncommitted) hostname:configuration settings certificates system (uncommitted)> commit
hostname:configuration settings certificates system> show Properties: default = auto System Certificates: CERT TYPE SUBJECT ISSUER EXPIRES cert-000 req hostname.us.example.com cert-001 CA Joe Test CA Joe Test CA 2038-1-19 cert-002 cert hostname.us.example.com Joe Test CA 2038-1-21
hostname:configuration settings certificates system> dump cert-000 -----BEGIN CERTIFICATE REQUEST----- MIICwzCCAasCAQIwIjEgMB4GA1UEAxMXaG9zdG5hbWUudXMuZXhhbXBsZS5jb20w ... lhwblMXqR/3xptwym1vy5dYBJsQLKroA8nr/xFb3nhJB8nI+dxSN -----END CERTIFICATE REQUEST-----
hostname:configuration settings certificates system> import ("." to end)> -----BEGIN CERTIFICATE----- ("." to end)> MIID0DCCArigAwIBAgIBQDANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx … ("." to end)> 2ai9ZwREdTkcjcgQDxeHNZCpcHk= ("." to end)> -----END CERTIFICATE----- ("." to end)> .
hostname:configuration settings certificates system> show Properties: default = auto System Certificates: CERT TYPE SUBJECT ISSUER EXPIRES cert-000 req hostname.us.example.com cert-001 CA Joe Test CA Joe Test CA 2038-1-19 cert-002 cert hostname.us.example.com Joe Test CA 2038-1-21