Got it
Huawei Enterprise Support Community
Community Forums Security
Replace X509 Certificate ...

Replace X509 Certificate and key for HTTPS Server

Created: Aug 7, 2018 09:54:10Latest reply: May 1, 2019 12:48:44 645 3 1 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#
Hi all,


I would apprectiate if someone could help with the following question:

A big customer from the telecommunication industry in Germany wants to replace the routers webinterface x509 certificate signed by the own enterprice pki.

How can I do this from CLI? I could not find documents about that.

I am looking forward for good answers.

thanks in advance

kdw, semior security consultant, munich

Like (1) Dislike (0) Favorite(0) Share Report
Previous: I can not see traffic log on USG6630 device
Next: Logfile storage issue
Featured Answers

Best answer

(1) (0)
Fernandoizsa
Created Aug 7, 2018 18:09:12

Hi we suggest follow the next cmd to install the local PKI certificate in to the device:

Procedure

Run:
system-view
The system view is displayed.

Run:
pki create-certificate [ self-signed ] filename file-name
A self-signed certificate or local certificate is created.

During the configuration, you will be prompted to enter the certificate information, such as PKI entity attributes, the certificate file name, the certificate validity period, and length of the RSA key pair.

Specify the self-signed parameter to create a self-signed certificate. If this parameter is not specified, a local certificate is created.

The file format of the created self-signed certificate or local certificate is PEM.

Finally is very important identify with product device customer will use.:)
View more
  • x
  • convention:
All Answers
(1) (0)
2#
Chelun
Chelun Created Aug 7, 2018 11:59:24

Is this huawei product?Can you share the huawei product type?thanks
View more
  • x
  • convention:
(1) (0)
3#
Fernandoizsa
Fernandoizsa Created Aug 7, 2018 18:09:12

Hi we suggest follow the next cmd to install the local PKI certificate in to the device:

Procedure

Run:
system-view
The system view is displayed.

Run:
pki create-certificate [ self-signed ] filename file-name
A self-signed certificate or local certificate is created.

During the configuration, you will be prompted to enter the certificate information, such as PKI entity attributes, the certificate file name, the certificate validity period, and length of the RSA key pair.

Specify the self-signed parameter to create a self-signed certificate. If this parameter is not specified, a local certificate is created.

The file format of the created self-signed certificate or local certificate is PEM.

Finally is very important identify with product device customer will use.:)
View more
  • x
  • convention:
(0) (0)
4#
kdw
kdw Created May 1, 2019 12:48:44

Thanks a lot.
We signed the certificate-request from huaswei CLI with PKIT from https://github.com/klauswolfinger/pkit.
This software was created for rapid pki engineering and fullfills all the requirenments for PKI.
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.