< Home

pki certificate access-control-policy default

Function

The pki certificate access-control-policy default command configures the default certificate access control policy.

By default, the action in the default certificate access control policy is permit. That is, certificates are allowed to pass verification.

Format

pki certificate access-control-policy default { deny | permit }

Parameters

Parameter Description Value
deny Indicates that a certificate is not allowed to pass verification. -
permit Indicates that a certificate is allowed to pass verification. -

Views

System view

Default Level

2: Configuration level

Usage Guidelines

If multiple certificate access policies have been configured, the system matches a certificate against these policies one by one until a positive match. If the certificate does not match any policy, the system takes the action defined in the default policy. To modify the default certificate access policy, run this command.

Example

# Set the action in the default certificate access policy to deny.

<sysname> system-view
[sysname] pki certificate access-control-policy default deny
Parent Topic: PKI Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >