User`s guide
422
Ignore NONCE in SCEP response
The parameter instructs the router to ignore the NONCE field in the SCEP response. The
NONCE is primarily used to prevent replay attacks.
Related CLI Commands
Entity
Instance
Parameter
Values
Equivalent Web Parameter
scep 0 host IP Address SCEP Server IP address
scep 0 port 0 - 65535 Port
scep 0 path String Path
scep 0 app String Application
scep 0 caident String CA Identifier
scep 0 cafile Filename CA certificate
scep 0 caencfile Filename CA encryption certificate
scep 0 casigfile Filename CA signature certificate
creq 0 challenge_pwd String Enrolment Password
creq 0 commonname String Common Name (CN)
creq 0 country String Country Code (C)
creq 0 state String State or Province (ST)
creq 0 locality String Locality (L)
creq 0 orgname String Organisation (O)
creq 0 org_unit String Organisational Unit (OU)
creq 0 email Email Address E-Mail
creq 0 unstructname String Unstructured Name
creq 0 digest MD5 or SHA1 Digest Algorithm
The creq command can also be used to generate the certificate request using the
configured parameters. If the private key does not already exist and appropriate parameters
are entered, the key will be generated at the same time.
To generate a certificate request, enter the command:
creq new -k<priv key file> -o<cert request file>
To generate a private key and a certificate request, enter the command:
creq new –b<priv key length> -k<priv key file> -o<cert req file>
For example, to generate a certificate request file called “request.pem” from a private key
called “priv001.pem”, enter:
creq new -kpriv001.pem -o request.pem
To generate a 512 bit private key called “private.pem”, and generate a certificate request
called “certreq.pem” using that file, enter:
creq new -b512 -kprivate.pem -ocertreq.pem