Parameter |
Description |
Value |
|---|---|---|
self-signed |
Creates a self-signed certificate. |
- |
filename file-name |
Specifies the name of a certificate file. |
The value is a string of 1 to 64 case-insensitive characters without spaces or question marks. |
Usage Scenario
After a self-signed certificate or local certificate is generated by the device, the certificate file is saved in the storage device as a PEM file. You can export the certificate for other devices to use. This simplifies certificate issue process.
When you run the pki create-certificate command, the system asks you to enter certificate information, for example, PKI entity parameters, certificate file name, certificate validity period, and RSA key length.
Precautions
The device does not provide lifecycle management for self-signed certificates. For example, self-signed certificates cannot be updated or revoked on the device. To ensure security of the device and certificates, a local certificate is recommended.