ssl-certKeyBundle¶
The following operations can be performed on "ssl-certKeyBundle":
show ssl certKeyBundle¶
Displays information about all configured certificate-key bundle's on the appliance, or displays detailed information about the specified certificate-key bundle.
Synopsis¶
show ssl certKeyBundle [
Arguments¶
certkeyBundleName Name given to the cerKeyBundle. The name will be used to bind/unbind certkey bundle to vip. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my file" or 'my file').
Output¶
bundlefile Name of and, optionally, path to the X509 certificate bundle file that is used to form the certificate-key bundle. The certificate bundle file should be present on the appliance's hard-disk drive or solid-state drive. /nsconfig/ssl/ is the default path. The certificate bundle file consists of list of certificates and one key in PEM format.
passplain Pass phrase used to encrypt the private-key. Required when certificate bundle file contains encrypted private-key in PEM format.
serverName Vserver name to which the certKeyBundle is bound.
subject Subject name.
serial Serial number.
issuer Issuer name.
publickey Public key algorithm.
publickey Public key algorithm.
publickeysize Size of the public key.
sandns Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called "Subject Alternative Names" (SAN). This field is for DNS names
sanipadd Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called "Subject Alternative Names" (SAN). This field is for IP address
sandns Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called "Subject Alternative Names" (SAN). This field is for DNS names
sanipadd Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called "Subject Alternative Names" (SAN). This field is for IP address
clientCertNotBefore Not-Before date.
clientCertNotAfter Not-After date.
daysToExpiration Days remaining for the certificate to expire.
signatureAlg Signature algorithm.
status Status of the certificate.
stateflag devno count
Example¶
1) show ssl certKeyBundle bundle1 2) show ssl certKeyBundle
rm ssl certKeyBundle¶
Removes the specified certificate-key bundle. The certificate-key bundle is removed only if it is not referenced by any SSL virtual server.
Synopsis¶
rm ssl certKeyBundle
Arguments¶
certkeyBundleName Name given to the cerKeyBundle. The name will be used to bind/unbind certkey bundle to vip. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my file" or 'my file').
Example¶
rm ssl certKeyBundle bundle1
add ssl certKeyBundle¶
Adds a certificate-key bundle. After it is bound to a virtual server, it is used for processing SSL transactions.
Synopsis¶
add ssl certKeyBundle
Arguments¶
certkeyBundleName Name given to the cerKeyBundle. The name will be used to bind/unbind certkey bundle to vip. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my file" or 'my file').
bundlefile Name of and, optionally, path to the X509 certificate bundle file that is used to form the certificate-key bundle. The certificate bundle file should be present on the appliance's hard-disk drive or solid-state drive. /nsconfig/ssl/ is the default path. The certificate bundle file consists of list of certificates and one key in PEM format.
passplain Pass phrase used to encrypt the private-key. Required when certificate bundle file contains encrypted private-key in PEM format.
Example¶
1) add ssl certKeyBundle bundle1 -bundlefile /nsconfig/ssl/cert_bundle.pem 2) add ssl certKeyBundle bundle2 -bundlefile /nsconfig/ssl/cert_bundle_enc.pem -passplain <>