No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

OceanStor 18000 and 18000F V5 Series V500R007

This document is applicable to OceanStor 18500 V5, 18800 V5, 18500F V5, and 18800F V5. Based on the CLI provided by DeviceManager, this document describes how to use various commands classified by functions and how to set the CLI and manage the storage system through these commands. The document that you browse online matches the latest C version of the product. Click Download to download documents of other C versions.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
export certificate

export certificate

Function

The export certificate command is used to generate private key and certificate requests based on application scenarios and export the certificate requests for subsequent signature and certificate import.

Format

export certificate ip=? user=? password=? type=? certificate_path=? [ port=? ] [ protocol=? ] [ algorithm=? ]

Parameters

Parameter

Description

Value

ip=?

IP address of the FTP/SFTP server.

-

user=?

User allowed by the FTP/SFTP server.

The value contains 1 to 64 characters without colons (:).

password=?

Password of a user allowed by the FTP/SFTP server.

The value contains 1 to 64 characters.

type=?

Certificate type.

The value can be:

  • "key_management_center": key management center.
  • "domain_authentication": domain authentication.
  • "hypermetro_arbitration": HyperMetro arbitration.
  • "https_protocol": HTTPS protocol.
  • "ftps_protocol": FTPS protocol.
  • "syslog_authentication": SYSLOG server authentication.
  • "domain_authentication_extension_1": domain authentication extension 1.
  • "domain_authentication_extension_2": domain authentication extension 2.
  • "domain_authentication_extension_3": domain authentication extension 3.

certificate_path=?

Path for storing the certificate file on the FTP/SFTP server.

The value is a character string that ends with file name extension ".csr" (case insensitive). The file name must be supported by the FTP and SFTP server.

port=?

Port of the FTP/SFTP server.

The value is an integer ranging from 1 to 65535.

  • If protocol=FTP, the default value is "21".
  • If protocol=SFTP, the default value is "22".

protocol=?

Protocol used for transmitting the new certificate and private key.

The value can be "FTP" or "SFTP" and the default value is "SFTP".

algorithm=?

Encryption algorithm.

The value can be:

  • "RSA_2048": RSA encryption algorithm. The key contains 2048 bits.
  • "RSA_4096": RSA encryption algorithm. The key contains 4096 bits.
  • "ECC_256": ECC encryption algorithm. The key contains 256 bits.

The default value is "RSA_2048".

Level

Administrator

Usage Guidelines

  • This command can be used to generate private key and certificate requests for key management storage arrays, device management storage arrays, domain authentication storage arrays, HyperMetro arbitration storage arrays, HTTPS protocol storage arrays, FTPS protocol storage arrays, and SYSLOG server authentication storage arrays.
  • This command can only be used to export certificate requests from a storage system to the FTP or SFTP server connected to the storage system.
  • The certificate type supported by this command can be "key_management_center", "domain_authentication", "hypermetro_arbitration", "https_protocol", "ftps_protocol", "syslog_authentication", "domain_authentication_extension_1", "domain_authentication_extension_2", or "domain_authentication_extension_3".
NOTE:

Prerequisites:

  • Storage systems can correctly access the FTP server or SFTP server over the network.
  • The FTP or SFTP service has been enabled on the server.
  • A directory has been created for storing security certificates.

If a storage system serves as a server in the file transfer with external systems, the storage system supports SFTP only. If a storage system serves as a client, the storage system supports both FTP and SFTP.

Example

Generate and export certificate requests based on application scenarios.

admin:/>export certificate ip=10.133.194.20 user=admin password=****** type=key_management_center certificate_path=/temp.csr protocol=SFTP port=22 algorithm=RSA_2048 
Command executed successfully.

System Response

None

Translation
Download
Updated: 2019-09-02

Document ID: EDOC1000181601

Views: 321803

Downloads: 41

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next