< Home

certificate peer-name

Function

The certificate peer-name command enables IKEv1 digital envelope negotiation to use the peer certificate file imported to the PKI.

The undo certificate peer-name command disables IKEv1 digital envelope negotiation from using the peer certificate file imported to the PKI.

By default, the system does not use the peer certificate file imported to the PKI for IKEv1 digital envelope negotiation.

Format

certificate peer-name peer-name

undo certificate peer-name

Parameters

Parameter Description Value
peer-name peer-name Specifies the name of the digital certificate of an IKE peer.

The digital certificate must have been imported to the PKI.

Views

IKE peer view

Default Level

2: Configuration level

Usage Guidelines

If the authentication method is digital envelope (digital-envelope), you can use the peer digital certificate imported to the PKI. IKEv1 obtains the certificate public key through the peer digital certificate for digital envelope negotiation.

Example

# Import the peer digital certificate aa.pem and reference it in the IKE peer.

<sysname> system-view
[sysname] pki import-certificate peer abcd pem filename aa.pem
[sysname] ike peer a
[sysname-ike-peer-a] certificate peer-name abcd
Parent Topic: IPSec Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >