ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • security certificate ca-issued show

    Display CA-Issued Digital Certificates

    Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

    Description

    This command displays the following information about the digital certificates issued by the self-signed root-ca:

    • Vserver

    • Serial number of certificate

    • FQDN or custom common name or the name of a person

    • Serial number of CA certificate

    • Status (active, revoked )

    • Certificate Authority

    • Expiration date

    • Revocation date

    To display more details, run the command with the -instance parameter. This will add the following information:

    • Country name

    • State or province name

    • Locality name

    • Organization name

    • Organization unit

    • Contact administrator’s email address

    Parameters

    { [-fields <fieldname>,…​]

    If you specify the -fields <fieldname>, …​ parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.

    | [-instance ] }

    If you specify the -instance parameter, the command displays detailed information about all fields.

    [-vserver <Vserver Name>] - Name of Vserver

    Selects the certificates that match this parameter value.

    [-serial <text>] - Serial Number of Certificate

    Selects the certificates that match this parameter value.

    [-ca <text>] - Certificate Authority

    Selects the certificates that match this parameter value.

    [-ca-serial <text>] - Serial Number of CA Certificate

    Selects the certificates that match this parameter value.

    [-common-name <FQDN or Custom Common Name>] - FQDN or Custom Common Name

    Selects the certificates that match this parameter value.

    [-status <status of certificate>] - Status of Certificate

    Selects the certificates that match this parameter value. Possible values include active and revoked.

    [-expiration <Date>] - Certificate Expiration Date

    Selects the certificates that match this parameter value.

    [-revocation <Date>] - Certificate Revocation Date

    Selects the certificates that match this parameter value.

    [-country <text>] - Country Name (2 letter code)

    Selects the certificates that match this parameter value.

    [-state <text>] - State or Province Name (full name)

    Selects the certificates that match this parameter value.

    [-locality <text>] - Locality Name (e.g. city)

    Selects the certificates that match this parameter value.

    [-organization <text>] - Organization Name (e.g. company)

    Selects the certificates that match this parameter value.

    [-unit <text>] - Organization Unit (e.g. section)

    Selects the certificates that match this parameter value.

    [-email-addr <mail address>] - Email Address (Contact Name)

    Selects the certificates that match this parameter value.

    Examples

    The examples below display information about CA issued digital certificates.

    cluster1::> security certificate ca-issued show
    Serial Number of
    Vserver    Serial Number   Common Name                 CA's Certificate Status
    ---------- --------------- --------------------------- ---------------- -------
    vs0        4F5A2C90         example.com                  4F4EB629         active
        Certificate Authority: vs0.cert
              Expiration Date: Sat Apr 14 16:15:13 2012
              Revocation Date: -
    
    vs0        4F5A2DF2         example.com                  4F4EB629         revoked
        Certificate Authority: vs0.cert
              Expiration Date: Sat Apr 14 16:21:06 2012
              Revocation Date: Fri Mar 09 17:08:30 2012
    
    2 entries were displayed.
    cluster1::> security certificate ca-issued show -instance
    Vserver: vs0
             Serial Number of Certificate: 4F5A2C90
                    Certificate Authority: vs0.cert
          Serial Number of CA Certificate: 4F4EB629
               FQDN or Custom Common Name:  example.com
                    Status of Certificate: active
              Certificate Expiration Date: Sat Apr 14 16:15:13 2012
              Certificate Revocation Date: -
             Country Name (2 letter code): US
       State or Province Name (full name): California
                Locality Name (e.g. city): Sunnyvale
         Organization Name (e.g. company): example
         Organization Unit (e.g. section): IT
             Email Address (Contact Name):  web@example.com
    Top of Page