The SR OS requires the following objects to be stored locally as file:
CA Certificate
CRL
System’s own certificate
System’s own key
All above objects must be imported before they can be used by the SR OS. This is performed by using the admin certificate import command. The import process converts the format of input file to DER, encrypts the key file and saves it in cf3:/system-pki directory.
The imported file can also be exported as one to use in the specified format by means of the admin certificate export command.
The admin certificate import and admin certificate export command supports following formats:
Certificates can be import/export by using following formats:
PKCS#12
PKCS#7 (DER and PEM)
PEM
DER
If there are multiple certificates in the file, only the first one is used.
Key pair can be import/export by using following formats:
PKCS#12 (must along with certificate)
PEM
DER
CRL can be import/export by using following formats:
PKCS#7 (DER and PEM)
PEM
DER
PKCS#12 file can be encrypted with a password.