The pki import dsa-key-pair command imports a DSA key pair in a PKCS7 file to the device memory.
| Parameter | Description | Value |
|---|---|---|
| keyname | Specifies the name of the imported DSA key pair on the device. |
The value is a string of 1 to 64 characters and case-sensitive without spaces or question marks (?). If the character string is enclosed in double quotation marks (" "), the character string can contain spaces and question marks. |
| pkcs7 | Specifies the imported certificate format as PKCS7. | - |
| cert-file cert-filename | Specifies the file name of the certificate for the DSA key pair. | The value must be an existing certificate file name. |
| key-file key-filename | Specifies the name of the file that stores the DSA key pair. | The value must be an existing DSA key pair name. |
| exportable | Specifies the imported DSA key pair as exportable. | - |
| password | Specifies the decryption password of the DSA key pair. | The value must be the name of an existing decryption password. |
Prerequisites
If the local device needs to use DSA key pairs, related certificates and certificate chains generated by other entities, run this command.
The DSA key pair and related certificates must already exist on the storage device.
Precautions
<sysname> cd pki <sysname> cd public/
# Import the certificate file cert.p7. The key file is key.p7. In the system, the DSA key pair is named key-1, has the decryption password Test!123456, and is marked exportable.
<sysname> system-view [sysname] pki import dsa-key-pair key-1 pkcs7 cert-file cert.p7 key-file key.p7 exportable password Test!123456 Info: Succeeded in importing the PKCS7 certificate and key.