pki http

Function

The pki http command configures the downloading of the CA certificate, local certificate, or CRL through HTTP.

Format

pki http url-addr [ vpn-instance vpn-instance-name ] save-name [ source source-ip-address ]

Parameters

Parameter Description Value
url-addr

Specifies the URL of the CA certificate, local certificate, or CRL.

The value is a string of 1 to 255 case-sensitive characters.
vpn-instance vpn-instance-name

Specifies the VPN instance to which the CA HTTP server belongs.

The value is a string of 1 to 31 case-sensitive characters. It cannot contain spaces. The VPN instance name cannot be _public_. If the character string is quoted by double quotation marks, the character string can contain spaces.
save-name

Specifies the name of a CA certificate, local certificate, or CRL.

The value is a string of 5 to 63 case-sensitive characters.
source source-ip-address

Specifies the local address that is used to download the CA certificate, local certificate, or CRL.

The value is an IPv4 address in dotted decimal notation.

Views

System view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
pki execute

Usage Guidelines

Usage Scenario

Note the following when the device downloads the CA certificate, local certificate, or CRL through HTTP:

  • The CA certificate or local certificate cannot exceed 2 MB, the CRL file cannot exceed 1 MB.
  • The CF card has sufficient space for storing the CA certificate, local certificate, or CRL file.

Example

# Configure the downloading of the local certificate through HTTP.
<HUAWEI> system-view
[~HUAWEI] pki http http://10.1.1.1/test.cer local.cer
Parent Topic: PKI Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >