security certificate config modify

Modify the certificate management configurations

Availability: This command is available to cluster administrators at the advanced privilege level.

Description

This command modifies the certificate management configuration information for the cluster.

Parameters

[-min-security-strength <bits of security strength>] - Minimum Security Strength

Use this parameter to modify the allowed minimum security strength for certificates. The security bits mapping to RSA and ECDSA key length are as follows:

            Security Bits   Asymmetric Key Length   Elliptic Curve Key Length 112             2048                 224 128             3072                 256 192             4096                 384

FIPS supported values are restricted to 112 and 128.

Note

This does not affect root CA certificates.

[-expiration-warn-threshold <integer>] - Minimum Days to EMS for Expiring Certificates

Use this parameter to modify the number of days prior to certificate expiration the system sends a warning EMS event.

Examples

The following example modifies the minimum security strength allowed for certificates.

cluster-1::> security certificate config modify -min-security-strength 192

        

Give documentation feedback

security certificate config modify

Description​

Parameters​

Examples​

Description

Parameters

Examples