Create a certificate signing request

Creates a certificate signing request on the switch. Including the subject will override the configured identify profile.


crypto pki create-csr certificate-name CERT-NAME ta-profile Profile-Name 
[usage <openflow | web | all | captive-portal | syslog | radsec-client>][key-type rsa key-size <1024|2048>] 
[key-type ecdsa curve <256|384>] [subject [command-name <CN-Value>] [org <Org-Value>] 
[org-unit <Org-unit-value>] [locality Location-Value>] [state <state-Value>] [country <Country-Code>] 
[valid-start <date> valid-end <date>]



A name (maximum 100 characters) with a unique identifier for the Trust Anchor Profile. Ten TA profiles are supported: one for each allowed trust anchor (Root CA certificate.)


When usage is set to all, it includes the OpenFlow and web applications, as well as other applications such syslog.


Uses the RSA key. You must specify the size of the key, key-size. Default is 1024.


Uses the ECDSA key. You must specify the elliptic curve size, curve. Default is 256.


Attempting to install a CA signed ecdsa 256/384 bit certificate fails with an error similar to Invalid certificate.