Local storage
The SR OS requires the following objects to be stored locally as file:
-
CA Certificate
-
CRL
-
System’s own certificate
-
System’s own key
All above objects must be imported before they can be used by the SR OS. This is performed by using the admin certificate import command. The import process converts the format of input file to DER, encrypts it and saves it in cf3:/system-pki directory.
The imported file can also be exported as one to use in the specified format by means of the admin certificate export command.
The admin certificate import and admin certificate export command supports following formats:
-
Certificates can be import/export by using following formats:
-
PKCS#12
-
PKCS#7 (DER and PEM)
-
PEM
-
DER
If there are multiple certificates in the file, only the first one is used.
-
-
Key pair can be import/export by using following formats:
-
PKCS#12 (must along with certificate)
-
PEM
-
DER
-
-
CRL can be import/export by using following formats:
-
PKCS#7 (DER and PEM)
-
PEM
-
DER
-
-
PKCS#12 file can be encrypted with a password.