269
Related commands
• display pki certificate access-control-policy
• rule
pki certificate attribute-group
Use pki certificate attribute-group to create a certificate attribute group and enter its view.
Use undo pki certificate attribute-group to remove a specified certificate attribute group.
Syntax
pki certificate attribute-group group-name
undo pki certificate attribute-group group-name
Default
No certificate attribute group exists.
Views
System view
Predefined user roles
network-admin
Parameters
group-name: Specifies a group name, a case-insensitive string of 1 to 31 characters.
Usage guidelines
A certificate attribute group is a set of attribute rules (defined by using the attribute command). Each
attribute rule defines a matching criterion for the issuer names, subject names, and alternative subject
names of certificates. If a certificate attribute group does not have attribute rules, the certificate access
control rule referencing the attribute group matches all certificates to be checked.
Examples
# Create a certificate attribute group named mygroup and enter its view.
<Sysname> system-view
[Sysname] pki certificate attribute-group mygroup
[Sysname-pki-cert-attribute-group-mygroup]
Related commands
• attribute
• display pki certificate attribute-group
• rule
pki delete-certificate
Use pki delete-certificate to remove the certificates in a PKI domain.
Syntax
pki delete-certificate domain domain-name { ca | local | peer [ serial serial-num ] }
To Next Page
Loading...
Need help?
General
