Cette procédure permet de créer un certificat de serveur.
Ajoutez une nouvelle CSR ou copiez une CSR existante.
hostname:configuration settings certificates system> clone cert-001
hostname:configuration settings certificates system (uncommitted)> get subject_commonname = hostname.us.example.com subject_organizationname = (unset) subject_organizationalunitname = (unset) subject_localityname = (unset) subject_stateorprovincename = (unset) subject_countryname = (unset) subject_emailaddress = (unset) dns = hostname.us.example.com ip = ip-addr uri = (unset) dirname = (unset) comment = (unset) hostname:configuration settings certificates system (uncommitted)> set comment="test" comment = test (uncommitted) hostname:configuration settings certificates system (uncommitted)> commit
hostname:configuration settings certificates system> list CERT TYPE SUBJECT COMMON NAME ISSUER COMMON NAME NOT AFTER cert-002 req hostname.us.example.com cert-001 cert hostname.us.example.com CA 2023-1-25 cert-000 cert 3ebff8d2-58f6-4de4-a2c... 3ebff8d2-58f6-4de4-a2c... 2038-1-19
hostname:configuration settings certificates system> dump cert-002 -----BEGIN CERTIFICATE REQUEST----- ... -----END CERTIFICATE REQUEST-----
Après avoir reçu le certificat signé de la part de la CA, effectuez les opérations suivantes :
hostname:configuration settings certificates system> import ("." to end)> -----BEGIN CERTIFICATE----- ... ("." to end)> -----END CERTIFICATE----- ("." to end)> .