application commands
security certificate config modify
Contributors
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
This may take a few minutes. Thanks for your patience.
Your file is ready
Modify the certificate management configurations
Availability: This command is available to cluster administrators at the advanced privilege level.
Description
This command modifies the certificate management configuration information for the cluster.
Parameters
[-min-security-strength <bits of security strength>]- Minimum Security Strength-
Use this parameter to modify the allowed minimum security strength for certificates. The security bits mapping to RSA and ECDSA key length are as follows:
Security Bits Asymmetric Key Length Elliptic Curve Key Length
112 2048 224
128 3072 256
192 4096 384
FIPS supported values are restricted to 112 and 128.
+
NOTE: This does not affect root CA certificates.
+
[-expiration-warn-threshold <integer>]- Minimum Days to EMS for Expiring Certificates-
Use this parameter to modify the number of days prior to certificate expiration the system sends a warning EMS event.
Examples
The following example modifies the minimum security strength allowed for certificates.
cluster-1::> security certificate config modify -min-security-strength 192