PKI configuration commands
PKI configuration commands
attribute
Syntax
attribute id { alt-subject-name { fqdn | ip } | { issuer-name | subject-name } { dn | fqdn | ip } } { ctn |
equ | nctn | nequ} attribute-value
undo attribute { id | all }
View
Certificate attribute group view
Default level
2: System level
Parameters
id: Sequence number of the certificate attribute rule, in the range of 1 to 16.
alt-subject-name: Specifies the name of the alternative certificate subject.
fqdn: Specifies the FQDN of the entity.
ip: Specifies the IP address of the entity.
issuer-name: Specifies the name of the certificate issuer.
subject-name: Specifies the name of the certificate subject.
dn: Specifies the distinguished name of the entity.
ctn: Specifies the contain operation.
equ: Specifies the equal operation.
nctn: Specifies the not-contain operation.
nequ: Specifies the not-equal operation.
attribute-value: Value of the certificate attribute, a case-insensitive string of 1 to 128 characters.
all: Specifies all certificate attributes.
Description
Use the attribute command to configure the attribute rules of the certificate issuer name, certificate
subject name and alternative certificate subject name.
Use the undo attribute command to delete the attribute rules of certificates.
By default, no restriction exists on the issuer name, subject name, and alternative subject name of a
certificate.
The attribute of the alternative certificate subject name does not appear as a distinguished name, and
therefore the dn keyword is not available for the attribute.
206