Switch identity profile

Creating an identity profile simplifies the generation of cryptographic certificates and certificate signing requests by defining commonly used subject information that is used to identify and authenticate a device using secure, encrypted protocols. ArubaOS-Switch stores one identity profile per device; creating a new profile overwrites an existing profile (if defined).

This command creates an example identity profile for a device with the hostname “switch”:

switch(config)# crypto pki identity-profile switch-id-profile subject common-name switch country us state California locality Roseville org HPE org-unit Aruba

This identity profile will be used whenever a certificate or certificate request is generated later in this guide.

If no identity profile is defined, required subject fields (including the device common name, at a minimum) must be specified each time a cryptographic certificate signing request or self-signed certificate is generated. If a profile is present, the pertinent data is populated automatically.

For more information, refer to the section "Switch identity profile" in the "Certificate Manager" chapter of the ArubaOS-Switch Access Security Guide.