Manualshelf

HP-UX IPSec version A.02.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
161162163164165166167168169170
Using Certificates with HP-UX IPSec
Step 1: Creating a Certificate Signing Request
Chapter 5160
-alt-fqdn
fqdn
The Fully Qualified Domain Name (FQDN) you want in the
subjectAlternativeName field for the certificate. The FQDN also known
as Domain Name Server or DNS name, such as myhost.hp.com.
Default: None.
-alt-user-fqdn
user_fqdn
The User Fully Qualified Domain Name (User FQDN) you want in the
subjectAlternativeName field for the certificate. Specify the User FQDN
in SMTP format, such as user@myhost.hp.com.
-key_length
number_bits
The key length for the public/private keys, in bits.
Verify that the number you specify is allowed by your CA.
Acceptable Values: 512, 1024, or 2048 (bits).
Default: 1024.
-days
number_days
Number of days for which the certificate will be valid. Verify that the
number you specify is within the range allowed by your CA.
Range: 1 - 65535.
Default: 365.
Example
The following command creates a CSR for the local host with its IPv4
address as the subjectAlternativeName:
ipsec_config add csr -subject “cn=myhost,c=us,o=hp,ou=lab” \
-alt-ipv4 15.1.1.1 -days 730 -klen 2048