The following is an example to importing a certificate from a PEM format:
*A:SR-7/Dut-A# admin certificate import type cert input cf3:/pre-import/R1-0cert.pem
output R1-0cert.der format pem
The following is an example for exporting a certificate to PEM format:
*A:SR-7/Dut-A# admin certificate export type cert input R1-0cert.der output cf3:/
R1-0cert.pem format pem
The following displays an example of profile output:
*A:SR-7/Dut-A>config>system>security>pki# info
----------------------------------------------
ca-profile "Root" create
description "Root CA"
cert-file "R1-0cert.der"
crl-file "R1-0crl.der"
no shutdown
exit
----------------------------------------------
*A:SR-7/Dut-A>config>system>security>pki#
The following displays an example of an ike-policy with cert-auth output:
*A:SR-7/Dut-A>config>ipsec>ike-policy# info
----------------------------------------------
ike-version 2
auth-method cert-auth
own-auth-method psk
----------------------------------------------
The following displays an example of a static LAN-to-LAN configuration using cert-auth:
...
interface "VPRN1" tunnel create
sap tunnel-1.private:1 create
ipsec-tunnel "Sanity-1" create
security-policy 1
local-gateway-address 10.1.1.13 peer 10.1.1.15 delivery-service 300
dynamic-keying
ike-policy 1
pre-shared-key "Sanity-1"
transform 1
cert
trust-anchor "R1-0"
cert "M2cert.der"
key "M2key.der"
exit
exit
no shutdown
exit
exit
exit