Dell Command Line Reference Guide for the S4048–ON System


crypto x509 ca-keyid

Creates a per-certificate configuration context using the specified subject key identifier.

crypto x509 ca-keyid subject-key-identifier

Use to the no crypto x509 ca-keyid command to remove this configuration.

Enter the content of the SubjectKeyIdentifier field from the CA certificate.
NOTE: To get the subject key identifier details, enter the show crypto ca-cert command. This command displays the CA certificate details.
Command Modes
Command History

This guide is platform-specific. For command information about other platforms, see the relevant Dell EMC Networking OS Command Line Reference Guide.

The following is a list of the Dell EMC Networking OS version history for this command:

Introduced this command.
Usage Information
The following RBAC roles are allowed to issue this command:
  • sysadmin
  • secadmin

When you use this command, the device maps the current certificate context in the certificate store to a CA certificate through the subject key identifier field. The subject key identifier field contains the SHA-1 hash of the CA’s public key. This configuration provides a way to uniquely identify a CA and associate it with any CA-specific settings.

This context is used to store certificate-specific settings such as alternate CRL and OCSP locations. Incoming X.509 certificates whose AuthorityKeyIdentifierextensions match the configured subject key identifier has these settings applied to them.

The crypto x509 ca-keyid command when used with the ocsp-server command in the global configuration mode creates a per-certificate configuration context under which the remaining commands are entered.

Related Commands

Rate this content

Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\