security certificate show-generated

Display ONTAP generated certificates

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

This command displays information about the Data ONTAP generated digital digital certificates. Some details are displayed only when you use the command with the -instance parameter.

Parameters

{ [-fields <fieldname>, ...]
If you specify the -fields <fieldname>, ... parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.
| [-instance ]}
If you specify the -instance parameter, the command displays detailed information about all fields.
[-vserver <Vserver Name>] - Name of Vserver
Selects the Vserver whose digital certificates you want to display.
[-common-name <FQDN or Custom Common Name>] - FQDN or Custom Common Name
Selects the certificates that match this parameter value.
[-serial <text>] - Serial Number of Certificate
Selects the certificates that match this parameter value.
[-ca <text>] - Certificate Authority
Selects the certificates that match this parameter value.
[-type <type of certificate>] - Type of Certificate
Selects the certificates that match this parameter value.
[-subtype <kmip-cert>] - Certificate Subtype
Selects the certificate subtype that matches the specified value. The valid values are as follows:
  • kmip-cert - this is a Key Management Interoperability Protocol (KMIP) certificate
[-size <size of requested certificate in bits>] - Size of Requested Certificate in Bits
Selects the certificates that match this parameter value.
[-start <Date>] - Certificate Start Date
Selects the certificates that match this parameter value.
[-expiration <Date>] - Certificate Expiration Date
Selects the certificates that match this parameter value.
[-public-cert <certificate>] - Public Key Certificate
Selects the certificates that match this parameter value.
[-country <text>] - Country Name
Selects the certificates that match this parameter value.
[-state <text>] - State or Province Name
Selects the certificates that match this parameter value.
[-locality <text>] - Locality Name
Selects the certificates that match this parameter value.
[-organization <text>] - Organization Name
Selects the certificates that match this parameter value.
[-unit <text>] - Organization Unit
Selects the certificates that match this parameter value.
[-email-addr <mail address>] - Contact Administrator's Email Address
Selects the certificates that match this parameter value.
[-protocol <protocol>] - Protocol
Selects the certificates that match this parameter value.
[-hash-function <hashing function>] - Hashing Function
Selects the certificates that match this parameter value.
[-self-signed {true|false}] - Self-Signed Certificate
Selects the certificates that match this parameter value.
[-cert-name <text>] - Unique Certificate Name
This specifies the system's internal identifier for the certificate. It is unique within a Vserver.

Examples

The examples below display information about Data ONTAP generated digital certificates.

cluster1::> security certificate show-generated

Vserver    Serial Number   Certificate Name                          Type
---------- --------------- ----------------------------------------- ---------
vs0        4F4E4D7B        www.example.com        server
    Certificate Authority: www.example.com
          Expiration Date: Thu Feb 28 16:08:28 2013

cluster1::> security certificate show-generated -instance
                             Vserver: vs0
                    Certificate Name: www.example.com
          FQDN or Custom Common Name: www.example.com
        Serial Number of Certificate: 4F4E4D7B
               Certificate Authority: www.example.com
                 Type of Certificate: server
 Size of Requested Certificate(bits): 2048
              Certificate Start Date: Fri Apr 30 14:14:46 2010
         Certificate Expiration Date: Sat Apr 30 14:14:46 2011
              Public Key Certificate: -----BEGIN CERTIFICATE-----
                                      MIIDfTCCAmWgAwIBAwIBADANBgkqhkiG9w0BAQsFADBgMRQwEgYDVQQDEwtsYWIu
                                      YWJjLmNvbTELMAkGA1UEBhMCVVMxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYD
                                      VQQKEwAxCTAHBgNVBAsTADEPMA0GCSqGSIb3DQEJARYAMB4XDTEwMDQzMDE4MTQ0
                                      BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFCVG7dYGe51akE14ecaCdL+LOAxUMA0G
                                      CSqGSIb3DQEBCwUAA4IBAQBJlE51pkDY3ZpsSrQeMOoWLteIR+1H0wKZOM1Bhy6Q
                                      +gsE3XEtnN07AE4npjIT0eVP0nI9QIJAbP0uPKaCGAVBSBMoM2mOwbfswI7aJoEh
                                      +XuEoNr0GOz+mltnfhgvl1fT6Ms+xzd3LGZYQTworus2
                                      -----END CERTIFICATE-----
        Country Name (2 letter code): US
  State or Province Name (full name): California
           Locality Name (e.g. city): Sunnyvale
    Organization Name (e.g. company): example
    Organization Unit (e.g. section): IT
        Email Address (Contact Name): web@example.com
                            Protocol: SSL
                    Hashing Function: SHA256