- Oracle ZFS Storage Appliance Administration Guide, Release OS8.8.x
- Configuring the Appliance
- Configuring Certificates
- Viewing CSR and Certificate Details (CLI)
Viewing CSR and Certificate Details (CLI)
Use this procedure to view CSR and certificate details.
A system certificate can be an automatically-generated domain- or IP-address-based certificate, an automatically-generated ASN-based certificate, or a CA-signed certificate.
- Go to
configuration settings certificates system
. - Enter the
list
command.If you have not deleted them, you should see at least one automatically generated certificate based on the domain or IP address, and exactly one automatically generated certificate based on the Appliance Serial Number (ASN) UUID.
hostname:configuration settings certificates system> list CERT TYPE SUBJECT COMMON NAME ISSUER COMMON NAME NOT AFTER cert-002 cert alice.example.com... alice.example.com... 2038-1-19 cert-001 cert 17f5fdce-6d64-4736... 17f5fdce-6d64-4736-... 2038-1-19
- Use the
get
command to view the details of a CSR or certificate.-
The following is an example of an automatically generated ASN-based certificate.
In the following example, the values of
subject_commonname
,issuer_commonname
, anddirname
(distinguished name) are the ASN UUID. For a cluster,dirname
includes the ASN UUID of each peer.hostname:configuration settings certificates system> select cert-001 hostname:configuration settings certificates system cert-002> get uuid = uuid subject_commonname = 17f5fdce-6d64-4736-882c-bff99680bce6 issuer_commonname = 17f5fdce-6d64-4736-882c-bff99680bce6 dirname = 17f5fdce-6d64-4736-882c-bff99680bce6,a040a259-53b0-4967-8b71-f65e7fbd8bed comment = Automatically generated notbefore = 2006-2-15 18:00 notafter = 2038-1-19 03:14:07 rialnumber = 5D:DD:79:C5:00:00:00:03 a1fingerprint = 60:AF:B4:EB:63:B3:E4:76:E0:90:C6:DD:93:7C:F8:61:71:E4:67:68
-
The following is an example of an automatically generated conventional certificate.
hostname:configuration settings certificates system> select cert-002 hostname:configuration settings certificates system cert-002> get uuid = uuid subject_commonname = alice.example.com issuer_commonname = alice.example.com dns = alice.example.com,alice,ip-addr ip = ip-addr uri = https://alice.example.com:215,https://alice:215,https://ip-addr comment = Automatically generated notbefore = 2006-2-15 18:00 notafter = 2038-1-19 03:14:07 serialnumber = 59:8A:73:7B:00:00:00:27 sha1fingerprint = 0A:14:26:ED:C7:43:0D:30:33:98:87:24:C5:9B:A2:52:55:FE:B1:D7
-
The following is an example of a CSR.
uuid = uuid subject_commonname = alice.example.com subject_organizationname = Example Corp, Inc subject_localityname = Exampleton subject_stateorprovincename = CA subject_countryname = US dns = alice.example.com ip = ip-addr
-
The following is the CA-signed certificate that results from the preceding CSR.
uuid = uuid subject_commonname = alice.example.com subject_organizationname = Example Corp, Inc subject_localityname = Exampleton subject_stateorprovincename = CA subject_countryname = US issuer_commonname = Most Trusted Certificate issuer_organizationname = Totally Trustworthy Certificates, Inc issuer_localityname = Trustville issuer_stateorprovincename = AK issuer_countryname = US dns = alice.example.com ip = ip-addr notbefore = 2021-3-16 17:51:19 notafter = 2022-3-16 17:51:19 serialnumber = 4F sha1fingerprint = 62:FB:29:84:8C:3E:0E:C6:D2:49:88:38:F2:53:12:8D:A5:F9:96:88
-