No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
pki export rsa-key-pair

pki export rsa-key-pair

Function

The pki export rsa-key-pair command exports the RSA key pair to the flash and allows the export of the associated certificate.

Format

pki export rsa-key-pair key-name [ and-certificate certificate-name ] { pem file-name [ 3des | aes | des ] | pkcs12 file-name } password password

Parameters

Parameter Description Value
key-name Specifies the name of the RSA key pair on the device. The value must be an existing RSA key pair name.
and-certificate certificate-name Indicates that the certificate related to the RSA key pair are exported. The value must be an existing certificate file name.
pem file-name Indicates that the RSA key pair to be exported is in the PEM format and specifies the name of the file to be exported.

The value is a string of 1 to 64 case-sensitive characters without spaces and question marks (?). When the value contains a directory, it is a string of 1 to 127 characters, for example, flash:/8ab3/ab3.pem.

pkcs12 file-name Indicates that the RSA key pair to be exported is in the PKCS12 format and specifies the file name to be exported.

The value is a string of 1 to 64 case-sensitive characters without spaces and question marks (?). When the value contains a directory, it is a string of 1 to 127 characters, for example, flash:/8ab3/ab3.pem.

3des | aes | des Sets the encryption algorithm to DES, 3DES or AES if a file is exported in the PEM format. The default value is AES.
NOTE:
DES and 3DES are less secure than AES and are not recommended.
-
password password Specifies the encryption password for the RSA key pair file. This password is used when you import an RSA key pair file.

The value is a string of 6 to 32 case-sensitive characters without question marks (?).

To enhance security, a password must contain at least two types of the following characters: uppercase letters, lowercase letters, numerals, and special characters, such as exclamation points (!), at signs (@), number signs (#), dollar signs ($), and percent (%).

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

To transfer or back up an RSA key pair, run this command to generate the PEM or PKCS12 file carrying this RSA key pair (which may include the certificate) in the flash.

Before using this command, run the display pki rsa local-key-pair command to view information about the RSA key pairs on the device.

Prerequisites

The RSA key pair has been created and configured to be exportable using the pki rsa local-key-pair create command or the RSA key pair has been imported to the memory using the pki import rsa-key-pair command.

Precautions

The RSA key pair is sensitive information. Delete and destroy the exported RSA key pair on the device or storage device immediately after you do not need it.

Example

# Export the RSA key pair key1 to the file aaa.pem and set the encryption method to AES.

<Huawei> system-view
[Huawei] pki rsa local-key-pair create key1 exportable
 Info: The name of the new key-pair will be: key1
 The size of the public key ranges from 512 to 2048.
 Input the bits in the modules:2048
 Generating key-pairs...
......+++               
....................+++ 
[Huawei] pki export rsa-key-pair key1 pem aaa.pem aes password Admin@1234
 Warning: Exporting the key pair impose security risks, are you sure you want to
 export it? [y/n]:y                                                             
 Info: Succeeded in exporting the RSA key pair in PEM format.
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 211903

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next