protocol ssl hsm safenet generate-cert
Generates the server-side SteelHead client certificate and private key.
Syntax
protocol ssl hsm safenet generate-cert name {<hostname> | <ip-address>}
Parameters
name <hostname> | Specifies the common name of the SteelHead that is accessible from the HSM. Use the unqualified hostname (without the domain name appended). This generates the client certificate with the specified hostname. |
name <ip-address> | Specifies the IP address of the SteelHead that is accessible from the HSM. |
Usage
This command generates the SteelHead client certificate and private key used to establish an NTL connection to the HSM server.
Copy the raw output of this command and save it as a certificate file, <hostname>.pem, using the same hostname or IP address specified by the command. Use the following command to securely transfer the certificate file to the HSM from any host that can securely use SSH:
scp <path-to-pem-file> admin@<hsm-hostname/IP>:
Example
amnesiac (config) # protocol ssl hsm safenet generate-cert name server-sh1
Successfully created certificate with common name: "server-sh1"
"-----BEGIN CERTIFICATE-----
MIIDKzCCAhOgAwIBAgIBADANBgkqhkiG9w0BAQsFADBZMQswCQYDVQQGEwJDQTEQ
MA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRMwEQYDVQQKEwpNeSBj
b21wYW55MRIwEAYDVQQDEwlvYWstdnNoNzQwHhcNMTUwNzA2MjA0MzQwWhcNMjUw
NzA0MjA0MzQwWjBZMQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0G
A1UEBxMGT3R0YXdhMRMwEQYDVQQKEwpNeSBjb21wYW55MRIwEAYDVQQDEwlvYWst
6tu6ToTKdlxCnN+mAyLI0TkHXiNnqnPXFchzpl2rzh4muTHQkYIk0dFDft8JuW4u
vqXQAjCPE5ZzgEbEaOuydvBhrKS3L+Kw+N+GNxbhjnYOt4QjPYEH/mdbiGwTB/1W
CYc1/Ee25Xx2HXgoJWwjo5z+pdKA9gzAtatdVXz65RHDAQBLtSpGJ9hW5qBsemQf
WyKnZA2DeohiG/ApvAr0gxIftNA+ciwSydYkHD14Wivt9Z+nJmmsD/H7DmZbVtn6
e1scFyiIsfE9mEYnb8AEN3KzkvgMz+TXZdodXBJzQlFaMJpLnFCEDBd3bEKFeuE=
-----END CERTIFICATE-----" > server-sh1.pem
# scp server-sh1.pem admin@luna-host1.lab.nbttech.com:
admin@luna-host1.lab.nbttech.com’s password:
Product
SteelHead CX
Related Commands