Home » D-Link Manuals » Hubs & Switches » D-Link DES-3010PA-TAA » Manual Viewer

D-Link DES-3010PA-TAA CLI Guide - Page 324

crypto certificate generate, crypto certificate, generate [key-generate, passphrase, duration

UPC - 790069296567

View all D-Link DES-3010PA-TAA manuals

Add to My Manuals
Save this manual to your list of manuals

Page 324 highlights

D-Link DES-3010FA/GA/PA CLI Reference Guide crypto certificate generate The crypto certificate generate Global Configuration mode command generates self signed certificate for HTTPS . Syntax crypto certificate number generate [key-generate [length]] [passphrase string] [cn common- name] [ou organization-unit] [or organization] [loc location] [st state] [cu country] [duration days] Parameters • number - Specifies the certificate number. If unspecified, defaults to 1. (Range: 1-2) • key-generate - Regenerate SSL RSA key. • length - Specifies the length of the SSL's RSA key. If unspecified, length defaults to 1024. (Range: 512 - 2048) • passphrase string - Passphrase that is used for exporting the certificate in PKCS12 file format. If unspecified the certificate is not exportable. (Range: 8-96) • cn common- name - Specifies the fully qualified URL or IP address of the device. If unspecified, defaults to the lowest IP address of the device (when the certificate is generated). (Range: 1-64) • ou organization-unit - Specifies the organization-unit or department name. (Range: 1-64) • or organization - Specifies the organization name. (Range: 1-64) • loc location - Specifies the location or the city name. (Range: 1-64) • st state - Specifies the state or province name. • cu country - Specifies the country name. (Range: 2) • duration days - Specifies number of days a certification would be valid. If unspecified defaults to 365 days. (Range: 30-3650) Default Configuration The Certificate and the SSL's RSA key pairs do not exist. Command Mode Global Configuration mode User Guidelines Use this command to generate self-signed certificate for your device. This command is not saved in the router configuration; however, the certificate and keys generated by this command are saved in the private configuration (which is never displayed to the user or backed up to another device). When you export an RSA key pair to a PKCS#12 file, the RSA key pair is as secure as the passphrase, keep the passphrase secure. If the RSA keys doesn't exist, the parameter key-generate must be used. Page 323

Section	Page
Table of Contents	2
Section 1. Using the CLI	11
1.1 CLI Command Modes	11
1.1.1 Introduction	11
1.1.2 User EXEC Mode	12
1.1.3 Privileged EXEC Mode	12
1.1.4 Global Configuration Mode	13
1.1.5 Interface Configuration and Specific Configuration Modes	13
1.2 Starting the CLI	14
1.3 Editing Features	15
1.3.1 Entering Commands	15
1.3.1.1 Terminal Command Buffer	15
1.3.1.2 Negating the Effect of Commands	16
1.3.1.3 Command Completion	16
1.3.1.4 Keyboard Shortcuts	16
1.3.1.5 CLI Command Conventions	16
Section 2. AAA Commands	18
aaa authentication login	18
aaa authentication enable	20
login authentication	22
enable authentication	23
ip http authentication	24
ip https authentication	25
show authentication methods	26
password	27
enable password	28
username	29
Section 3. Address Table Commands	30
bridge address	30
bridge multicast filtering	31
bridge multicast address	32
bridge multicast forbidden address	33
bridge multicast forward-all	34
bridge multicast forbidden forward-all	35
bridge aging-time	36
clear bridge	37
port security	38
port security routed secure-address	39
show bridge address-table	40
show bridge address-table static	41
show bridge address-table count	42
show bridge multicast address-table	43
show bridge multicast filtering	45
show ports security	46
Section 4. Clock	48
clock set	48
clock source	49
clock timezone	50
clock summer-time	51
sntp authentication-key	53
sntp authenticate	54
sntp trusted-key	55
sntp client poll timer	56
sntp broadcast client enable	57
sntp anycast client enable	58
sntp client enable (Interface)	59
sntp unicast client enable	60
sntp unicast client poll	61
sntp server	62
show clock	63
show sntp configuration	64
show sntp status	65
Section 5. Configuration and Image Files	66
copy	66
delete	69
delete startup-config	70
show running-config	71
show startup-config	72
Section 6. Ethernet Configuration Commands	73
interface ethernet	73
interface range ethernet	74
shutdown	75
description	76
speed	77
duplex	78
negotiation	79
flowcontrol	80
mdix	81
back-pressure	82
clear counters	83
set interface active	84
show interfaces advertise	85
show interfaces configuration	87
show interfaces status	88
show interfaces description	90
show interfaces counters	92
port storm-control include-multicast	95
port storm-control broadcast enable	96
port storm-control broadcast rate	97
show ports storm-control	98
Section 7. GVRP Commands	99
gvrp enable (Global)	99
gvrp enable (Interface)	100
garp timer	101
gvrp vlan-creation-forbid	102
gvrp registration-forbid	103
clear gvrp statistics	104
show gvrp configuration	105
show gvrp statistics	106
show gvrp error-statistics	107
Section 8. IGMP Snooping Commands	108
ip igmp snooping (Global)	108
ip igmp snooping (Interface)	109
ip igmp snooping host-time-out	110
ip igmp snooping mrouter-time-out	111
ip igmp snooping leave-time-out	112
show ip igmp snooping mrouter	113
show ip igmp snooping interface	114
show ip igmp snooping groups	115
Section 9. IP Addressing Commands	116
ip address	116
ip address dhcp	117
ip default-gateway	118
show ip interface	119
arp	120
arp timeout	121
clear arp-cache	122
show arp	123
ip domain-name	124
ip name-server	125
ip host	126
clear host	127
clear host dhcp	128
show hosts	129
Section 10. LACP Commands	130
lacp system-priority	130
lacp port-priority	131
lacp timeout	132
show lacp ethernet	133
show lacp port-channel	135
Section 11. Line Commands	136
line	136
speed	137
exec-timeout	138
history	139
history size	140
terminal history	141
terminal history size	142
show line	143
Section 12. Management ACL	144
management access-list	144
permit (Management)	146
deny (Management)	147
management access-class	148
show management access-list	149
show management access-class	150
Section 13. PHY Diagnostics Commands	151
test copper-port tdr	151
show copper-ports tdr	152
show copper-ports cable-length	153
show fiber-ports optical-transceiver	154
Section 14. Port Trunking Commands	155
interface port-channel	155
interface range port-channel	156
channel-group	157
show interfaces port-channel	158
Section 15. Port Monitor Commands	159
port monitor	159
port monitor vlan-tagging	160
show ports monitor	161
Section 16. System Management	162
ping	162
traceroute	164
reload	166
hostname	167
show users	168
show system	169
show version	170
show system id	171
Section 17. QoS Commands	172
qos	172
show qos	173
priority-queue out num-of-queues	174
rate-limit interface configuration	175
show qos interface	176
traffic-shape	178
wrr-queue cos-map	179
qos map dscp-queue	180
qos trust (Global)	181
qos trust (Interface)	182
qos cos	183
show qos map	184
Section 18. Radius Commands	185
radius-server host	185
radius-server key	187
radius-server retransmit	188
radius-server source-ip	189
radius-server timeout	190
radius-server deadtime	191
show radius-servers	192
Section 19. Power Over Ethernet	194
power inline	194
power inline powered-device	195
power inline usage-threshold	196
power inline traps enable	197
show power inline	198
Section 20. RMON Commands	200
show rmon statistics	200
rmon collection history	202
show rmon collection history	203
show rmon history	204
rmon alarm	207
show rmon alarm	209
rmon event	211
show rmon events	212
show rmon log	213
rmon table-size	215
Section 21. SNMP Commands	216
snmp-server community	216
snmp-server view	218
snmp-server group	219
snmp-server user	220
snmp-server engineID local	222
snmp-server enable traps	224
snmp-server filter	225
snmp-server host	226
snmp-server v3-host	227
snmp-server trap authentication	228
snmp-server contact	229
snmp-server location	230
snmp-server set	231
show snmp	232
show snmp engineid	234
show snmp views	235
show snmp groups	236
show snmp filters	238
show snmp users	239
Section 22. Spanning-Tree Commands	240
spanning-tree	240
spanning-tree mode	241
spanning-tree forward-time	242
spanning-tree hello-time	243
spanning-tree max-age	244
spanning-tree priority	245
spanning-tree disable	246
spanning-tree cost	247
spanning-tree port-priority	248
spanning-tree portfast	249
spanning-tree link-type	250
spanning-tree pathcost method	251
spanning-tree bpdu	252
clear spanning-tree detected-protocols	253
spanning-tree guard root	254
spanning-tree mst priority	255
spanning-tree mst max-hops	256
spanning-tree mst port-priority	257
spanning-tree mst cost	258
spanning-tree mst configuration	259
instance (mst)	260
name (mst)	261
revision (mst)	262
show (mst)	263
exit (mst)	264
abort (mst)	265
show spanning-tree	266
Section 23. Syslog Commands	268
logging on	268
logging	269
logging console	270
logging buffered	271
logging buffered size	272
clear logging	273
logging file	274
clear logging file	275
aaa logging	276
file-system logging	277
management logging	278
show logging	279
show logging file	281
show syslog-servers	283
Section 24. User Interface	284
enable	284
disable	285
login	286
configure	287
exit (Configuration)	288
exit	289
end	290
help	291
terminal data-dump	292
show history	293
show privilege	294
Section 25. VLAN Commands	295
vlan database	295
vlan	296
interface vlan	297
interface range vlan	298
name	299
private-vlan primary	300
private-vlan isolated	301
private-vlan community	302
switchport mode	303
switchport access vlan	304
switchport private-vlan	305
show vlan private-vlan	306
switchport trunk allowed vlan	307
switchport trunk native vlan	308
switchport general allowed vlan	309
switchport general pvid	310
switchport general ingress-filtering disable	311
switchport general acceptable-frame-type tagged-only	312
switchport forbidden vlan	313
ip internal-usage-vlan	314
show vlan	315
show vlan internal usage	316
show interfaces switchport	317
Section 26. Web Server	319
ip http server	319
ip https server	320
ip http exec-timeout	321
ip https certificate	322
show ip https	323
crypto certificate generate	324
crypto certificate import	325
show crypto certificate mycertificate	327
ip http port	328
ip https port	329
show ip http	330
Section 27. 802.1x Commands	331
aaa authentication dot1x	331
dot1x system-auth-control	332
dot1x port-control	333
dot1x re-authentication	334
dot1x timeout re-authperiod	335
dot1x re-authenticate	336
dot1x timeout quiet-period	337
dot1x timeout tx-period	338
dot1x max-req	339
dot1x timeout supp-timeout	340
dot1x timeout server-timeout	341
show dot1x	342
show dot1x users	345
show dot1x statistics	347
ADVANCED FEATURES	349
dot1x auth-not-req	349
dot1x multiple-hosts	350
dot1x single-host-violation	351
dot1x guest-vlan	352
dot1x guest-vlan enable	353
show dot1x advanced	354

Match case Limit results 1 per page

D-Link DES-3010FA/GA/PA CLI Reference Guide

Page 323

crypto certificate generate

The

crypto certificate generate

Global Configuration mode command generates self signed certificate for

HTTPS .

Syntax

crypto certificate

number

generate [key-generate [

length

]] [passphrase

string

] [cn

common- name

] [ou o

rga-

nization-unit

] [or

organization

] [loc

location

] [st

state

] [cu

country

] [duration

days

]

Parameters

•

number

- Specifies the certificate number. If unspecified, defaults to 1. (Range: 1-2)

•

key-generate

- Regenerate SSL RSA key.

•

length

- Specifies the length of the SSL's RSA key. If unspecified, length defaults to 1024. (Range: 512 -

2048)

•

passphrase

string

- Passphrase that is used for exporting the certificate in PKCS12 file format. If unspecified

the certificate is not exportable. (Range: 8-96)

•

common- name

- Specifies the fully qualified URL or IP address of the device. If unspecified, defaults to

the lowest IP address of the device (when the certificate is generated). (Range: 1-64)

•

organization-unit

- Specifies the organization-unit or department name. (Range: 1-64)

•

organization

- Specifies the organization name. (Range: 1-64)

•

loc

location

- Specifies the location or the city name. (Range: 1-64)

•

state

- Specifies the state or province name.

•

country

- Specifies the country name. (Range: 2)

•

duration

days

- Specifies number of days a certification would be valid. If unspecified defaults to 365 days.

(Range: 30-3650)

Default Configuration

The Certificate and the SSL's RSA key pairs do not exist.

Command Mode

Global Configuration mode

User Guidelines

Use this command to generate self-signed certificate for your device.

This command is not saved in the router configuration; however, the certificate and keys generated by this com-

mand are saved in the private configuration (which is never displayed to the user or backed up to another device).

When you export an RSA key pair to a PKCS#12 file, the RSA key pair is as secure as the passphrase, keep the

passphrase secure.

If the RSA keys doesn't exist, the parameter key-generate must be used.