Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, April 2009)

Fabric OS Command Reference 681
53-1001186-01
secCertUtil
2
Operands This command has the following operands:
genkey Generates a public/private key pair. This is the first step in setting up a
third-party certificate. When prompted for a key size, enter either 1024 or
2048 bits. The greater the value, the more secure is the connection; however,
performance degrades with size. The keys are generated only after all existing
CSRs and certificates have been deleted.
-nowarn Specifies that no warning is given when overwriting or deleting data. If this
operand is omitted, the command prompts for confirmation before existing
CSRs and certificates are deleted.
delkey [-nowarn] Deletes a public/private key pair. This command prompts for confirmation
unless -nowarn is specified.
gencsr Generates a new CSR for the switch. This is the second step in setting up a
third-party certificate. The following operands are optional; if omitted, the
command prompts for answers to a series of questions. If only one or a few
operands are specified. the command prompts for input to the remaining
questions. When all questions are answered, a CSR is generated and placed
in a file named ip_address.csr, where ip_address is the IP address of the
switch.
-country country code
Specifies the country. Provide a two-letter country code. For example, US.
-state state Specifies the state. Provide the full name, for example, California. If the state
consists of multiple words, it must be enclosed in double quotes.
-locality locality
Specifies the city. Provide the full name, for example, "San Jose". If the locality
consists of multiple words, it must be enclosed in double quotes.
-org organization
Specifies the organization. Provide the full name, for example, Brocade. If the
organization consists of multiple words, it must be enclosed in double quotes.
-orgunit organization unit
Specifies the organizational unit, for example, your department name. If the
organizational unit consists of multiple words, it must be enclosed in double
quotes.
-cn common name
Specifies the common name. Provide a fully qualified Domain Name, or IP
address.
showcsr Displays the content of the CSR on the switch without page breaks. Use the
pipe operator followed by the “more” option to display the content one page
at a time.
delcsr [-nowarn] Deletes CSR. This command prompts for confirmation before deleting the
CSR unless -nowarn is specified.
delete Deletes the specified certificate. The following operands are optional;
-ldapcacert Deletes a LDAP CA certificate. You must specify a file name for the LDAP CA
certificate.
file name Specifies the name of the certificate to be deleted. This operand is required
Use the show option for a list of existing certificates.