application commands
The requested article is not available. Either it doesn't apply to this version of the product or the relevant information is organized differently in this version of the docs. You can search, browse, or go back to the other version.
A newer release of this product is available.
security certificate config modify
Contributors
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
This may take a few minutes. Thanks for your patience.
Your file is ready
Modify the certificate management configurations
Availability: This command is available to cluster administrators at the advanced privilege level.
Description
This command modifies the certificate management configuration information for the cluster.
Parameters
[-min-security-strength <bits of security strength>]- Minimum Security Strength-
Use this parameter to modify the allowed minimum security strength for certificates. The security bits mapping to RSA and ECDSA key length are as follows:
Security Bits Asymmetric Key Length Elliptic Curve Key Length
112 2048 224
128 3072 256
192 4096 384
FIPS supported values are restricted to 112 and 128.
+
NOTE: This does not affect root CA certificates.
+
[-expiration-warn-threshold <integer>]- Minimum Days to EMS for Expiring Certificates-
Use this parameter to modify the number of days prior to certificate expiration the system sends a warning EMS event.
Examples
The following example modifies the minimum security strength allowed for certificates.
cluster-1::> security certificate config modify -min-security-strength 192
