HP-UX IPSec A.03.01.01 Release Notes (HP-UX 11i Version 3)

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

Revised ipsec_config add csr command syntax

The new command syntax for the command is as follows:

ipsec_config add csr -subj[ect_name] subject_name

[-alt-ipv4 ipv4_addr1 [-alt-ipv4 ipv4_addr2 ... -alt-ipv4 ipv4_addr20]]

[-alt-fqdn fqdn1 [-alt-fqdn fqdn2 ... -alt-fqdn fqdn20]]

[-alt-user-fqdn user_fqdn1 [-alt-user-fqdn user_fqdn2 ... -alt-user-fqdn user_fqdn20]]

[-key_length number_bits] [-days number_days]

Description of revised ipsec_config add csr command alternative-name

options

The following includes specifics about the three alternative-name options:

-alt-ipv4 ipv4_addr Specifies the IPv4 address you want in the

subjectAlternativeName field of the certificate. You can

specify up to 20 IPv4 addresses by repeating the

-alt-ipv4 ipv4_addr argument accordingly. For

example, the following specifies three IPv4 addresses:

-alt-ipv4 192.6.2.2 -alt-ipv4 192.6.2.3

-alt-ipv4 192.6.2.5

-alt-fqdn fqdn Specifies the Fully Qualified Domain Name (FQDN) you

want in the subjectAlternativeName field of the certificate,

such as myhost.acme.com. The FQDN is also referred to

as the Domain Name Service or DNS name. You can specify

up to 20 FQDNs by repeating the -alt-fqdn fqdn

argument accordingly. For example, the following specifies

two FQDNs:

-alt-fqdn myhost1.acme.com -alt-fqdn

myhost2.acme.com

-alt-user-fqdn user_fqdn1 Specifies the User-FQDN you want in the

subjectAlternativeName field of the certificate, such as

johnson@myhost.acme.com. You can specify up to 20

User-FQDNs by repeating the -alt-user-fqdn

user_fqdn argument accordingly. For example, the

following specifies two User-FQNDs:

-alt-user-fqdn johnson@myhost.acme.com

nichols@home.acme.com

Examples of the ipsec_config add csr command specifying multiple

alternative names

In the following example, the ipsec_config add csr command specifies two IPv4 addresses,

two FQDNs, and a single User-FQDN as alternative names in the specified certificate:

%ipsec_config add csr -subject cn=myhost,c=us,o=hp,ou=lab \

-alt-ipv4 192.6.2.2 -alt-ipv4 192.6.1.1 \

-alt-fqdn myhost.hp.com -alt-fqdn myhost2.hp.com \

-alt-user-fqdn roadrunner@acme.com

In the following example, the command specifies one IPv4 address, one FQDN, and two

User-FQDNs:

%ipsec_config add csr -subject cn=myhost,c=us,o=hp,ou=lab \

-alt-user-fqdn roadrunner@acme.com \

-alt-user-fqdn bunny@acme.com -alt-user-fqdn wolf@acme.com

New and changed features in A.03.00.01 7