Create and enroll a self-signed certificate

Creates and enrolls a self-signed local certificate. Including the subject will override the configured identity profile.


crypto pki enroll-self-signed certificate-name CERT-NAME [subject [command-name <CN-Value>] 
[org <Org-Value>] [org-unit <Org-unit-value>] [locality <Location-Value>] 
[state <state-Value>] [country <Country-Code>] [valid-start <date> valid-end <date>] 
[usage <openflow | web | all | captive-portal | syslog | radsec-client>]
[key-type rsa key-size <1024|2048>] [key-type ecdsa curve <256|384>]



A name (maximum 100 characters) with a unique identifier for the Trust Anchor Profile. Ten TA profiles are supported: one for each allowed trust anchor (Root CA certificate.)


When usage is set to all, it includes OpenFlow and web applications, as well as other applications such as syslog.


Uses the RSA key. You must specify the size of the key, key-size. Default is 1024.


Uses the ECDSA key. You must specify the elliptic curve size, curve. Default is 256.