pki realm (system view)

Function

The pki realm command creates a PKI realm and displays the PKI realm view, or displays the view of an existing PKI realm.

The undo pki realm command deletes a PKI realm.

By default, there is a PKI realm named default in the root system, and this realm can be modified but cannot be deleted; no PKI realm is created in a virtual system.

Format

pki realm realm-name

undo pki realm realm-name

Parameters

Parameter

Description

Value

realm-name

Specifies the name of a PKI realm.

The value is a string of 1 to 64 case-insensitive characters without spaces or question marks. If the character string is quoted by double quotation marks, it can contain question marks.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

A PKI realm is a set of identity information required when a PKI entity enrolls a certificate.

Precautions

A PKI realm configured on a device is unavailable to certificate authorities (CAs) or other devices.

When a certificate is requested using a PKI realm, the system names the certificate file PKI realm name_local.cer. Therefore, if you will use a created PKI realm to request certificates, ensure that the PKI realm name length is shorter than 50 characters, because a certificate file with a name longer than 64 characters cannot be saved on a storage device.

Example

# Create a PKI realm abc.

<sysname> system-view
[sysname] pki realm abc
[sysname-pki-realm-abc]
Related Topics
display pki realm
Copyright © Huawei Technologies Co., Ltd.