Parameters
policy-name: Specifies the name of a certificate access control policy, a case-insensitive string of 1 to 31
characters.
Usage guidelines
If no policy name is specified, this command displays information about all certificate access control
policies.
Examples
# Display information about the certificate access control policy mypolicy.
<Sysname> display pki certificate access-control-policy mypolicy
Access control policy name: mypolicy
Rule 1 deny mygroup1
Rule 2 permit mygroup2
# Display information about all certificate access control policies.
<Sysname> display pki certificate access-control-policy
Total PKI certificate access control policies: 2
Access control policy name: mypolicy1
Rule 1 deny mygroup1
Rule 2 permit mygroup2
Access control policy name: mypolicy2
Rule 1 deny mygroup3
Rule 2 permit mygroup4
Table 23 Command output
Field Description
Total PKI certificate access control
policies
Total number of certificate access control policies.
permit
If the attributes of a certificate match the attributed rules defined in the
attribute group that the policy references, the certificate passes the
check and is regarded valid.
deny
If the attributes of a certificate match the attributed rules defined in the
attribute group that the policy references, the certificate fails the check
and is regarded invalid.
Related commands
• pki certificate access-control-policy
• rule
display pki certificate attribute-group
Use display pki certificate attribute-group to display information about certificate attribute groups.
Syntax
display pki certificate attribute-group [ group-name ]
182
To Next Page
Loading...
