certificate request polling

Use certificate request polling to set the polling interval and the maximum number of attempts to query certificate request status.

Use undo certificate request polling to restore the defaults.

Syntax

certificate request polling { count count | interval interval }

undo certificate request polling { count | interval }

Default

The polling interval is 20 minutes, and the maximum number of attempts is 50.

Views

PKI domain view

Predefined user roles

network-admin

mdc-admin

Parameters

count count: Specifies the maximum number of query attempts. The value range is 1 to 100.

interval interval: Specifies a polling interval in minutes. The value range is 5 to 168.

Usage guidelines

After a PKI entity submits a certificate request, it might take the CA server a while to issue the certificate if the CA administrator must manually approve the certificate request. During this period, the PKI entity periodically queries the CA server for the certificate request status. The periodic query operation stops until the PKI entity obtains the certificate or the maximum number of query attempts is reached. If the maximum number of query attempts is reached, the certificate request fails.

If the CA server automatically approves certificate requests, the PKI entity can obtain the certificate immediately after it submits a certificate request. In this case, the PKI entity does not send queries to the CA server.

Examples

# Set the polling interval to 15 minutes, and the maximum number of query attempts to 40.

<Sysname> system-view
[Sysname] pki domain aaa
[Sysname-pki-domain-aaa] certificate request polling interval 15
[Sysname-pki-domain-aaa] certificate request polling count 40

Related commands

display pki certificate request-status