Configuration commands

Configure following commands in the switch:
  • est-server commands

  • enroll-est-certificate commands

The est-server command creates an EST server profile. EST server profile includes a profile name, and EST server attributes, such as the server URL, retry interval, retry count, and authorization mechanism. This command also supports certificate enrollment before expiry.

If the EST server enforces any parameter, that parameter will take precedence over configured parameter, such as expiry.

The enroll-est-certificate command is used for enrollment of an application certificate through an EST server. To configure certificate details, you require a TA profile, and an EST server profile name.

If the initial enrollment attempt fails, use a force command to re-enroll the certificates.