Switch identity profile

Information

Creating an identity profile simplifies the generation of cryptographic certificates and certificate signing requests by defining commonly used subject information that is used to identify and authenticate a device using secure, encrypted protocols. ArubaOS-Switch stores one identity profile per device; creating a new profile overwrites an existing profile (if defined).

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

This command creates an example identity profile for a device with the hostname "switch":

switch(config)# crypto pki identity-profile switch-id-profile subject common-name
switch country us state California locality Roseville org HPE org-unit Aruba

This identity profile will be used whenever a certificate or certificate request is generated later in this guide.

If no identity profile is defined, required subject fields (including the device common name, at a minimum) must be specified each time a cryptographic certificate signing request or self-signed certificate is generated. If a profile is present, the pertinent data is populated automatically.

See Also

https://support.hpe.com/hpesc/public/docDisplay?docId=a00056155en_us

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-12

Plugin: ArubaOS

Control ID: e6de623db3161ac2e0da6449e875b77448c5ddb1c63bb90cd6b959c497d3d80e