255
Field Description
permit
If the attributes of a certificate match the attribute rules defined in the
attribute group that the policy references, the certificate passes the
check and is regarded valid.
deny
If the attributes of a certificate match the attribute rules defined in the
attribute group that the policy references, the certificate fails the check
and is regarded invalid.
Related commands
• pki certificate access-control-policy
• rule
display pki certificate attribute-group
Use display pki certificate attribute-group to display information about certificate attribute groups.
Syntax
display pki certificate attribute-group [ group-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
group-name: Specifies the name of a certificate attribute group, a case-insensitive string of 1 to 31
characters.
Usage guidelines
If no certificate attribute group is specified, this command displays information about all certificate
attribute groups.
Examples
# Display information about the certificate attribute group mygroup.
<Sysname> display pki certificate attribute-group mygroup
Attribute group name: mygroup
Attribute 1 subject-name dn ctn abc
Attribute 2 issuer-name fqdn nctn app
# Display information about all certificate attribute groups.
<Sysname> display pki certificate attribute-group
Total PKI certificate attribute groups: 2.
Attribute group name: mygroup1
Attribute 1 subject-name dn ctn abc
Attribute 2 issuer-name fqdn nctn app
Attribute group name: mygroup2
Attribute 1 subject-name dn ctn def
To Next Page
Loading...
Need help?
General
