pki certificate access-control-policy default

Function

The pki certificate access-control-policy default command configures the default access control policy of certificate attributes.

The undo pki certificate access-control-policy default command cancels the default access control policy configuration of certificate attributes.

By default, the action for the access control policy of certificate attributes is permit. That is, the certificate passes the verification.

Format

pki certificate access-control-policy default deny

pki certificate access-control-policy default permit

undo pki certificate access-control-policy default [ deny | permit ]

Parameters

Parameter	Description	Value
default	Indicates the default access control policy of certificate attributes.	-
permit	Indicates that the certificate passes the verification.	-
deny	Indicates that the certificate does not pass the verification.	-

Parameter

Description

Value

default

Indicates the default access control policy of certificate attributes.

permit

Indicates that the certificate passes the verification.

deny

Indicates that the certificate does not pass the verification.

Views

System view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
pki	write

Usage Guidelines

Usage Scenario

The access control policy of certificate attributes is an extra measure for certificate verification. Only the certificates meeting specific requirements can pass the verification, and then users' access rights are controlled elaborately.

Example

# Set the default access control policy of certificate attributes as permit.

<HUAWEI> system-view
[~HUAWEI] pki certificate access-control-policy default permit