| addsslcertkey |
Use this method to adds a certificate-key pair to memory. After it is bound to a virtual server or service, it is used for processing SSL transactions. In a high-availability configuration, the path to the certificate and the optional private key must be the same on the primary and the secondary appliance. For a server certificate, a private key is required. |
Syntax |
Parameters |
certkeyname |
Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after the certificate-key pair is created.
The following requirement applies only to the Citrix ADC CLI:
If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my cert" or 'my cert'). This is mandatory parameter. |
cert |
Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. This is mandatory parameter. |
key |
Name of and, optionally, path to the private-key file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. |
password |
Passphrase that was used to encrypt the private-key. Use this option to load encrypted private-keys in PEM format. |
fipskey |
Name of the FIPS key that was created inside the Hardware Security Module (HSM) of a FIPS appliance, or a key that was imported into the HSM. |
hsmkey |
Name of the HSM key that was created in the External Hardware Security Module (HSM) of a FIPS appliance. |
inform |
Input format of the certificate and the private-key files. The three formats supported by the appliance are:
PEM - Privacy Enhanced Mail
DER - Distinguished Encoding Rule
PFX - Personal Information Exchange Default value = FORMAT_PEM. |
passplain |
Pass phrase used to encrypt the private-key. Required when adding an encrypted private-key in PEM format. |
expirymonitor |
Issue an alert when the certificate is about to expire. |
notificationperiod |
Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire. Minimum value = 10. Maximum value = 100. |
bundle |
Parse the certificate chain as a single file after linking the server certificate to its issuer's certificate within the file. Default value = NO. |
deletecertkeyfilesonremoval |
This option is used to automatically delete certificate/key files from physical device when the added certkey is removed. When deleteCertKeyFilesOnRemoval option is used at rm certkey method, it overwrites the deleteCertKeyFilesOnRemoval setting used at add/set certkey method Default value = CERTKEYFILE_DELETE_NO. |
Return Value |
Returns simpleResult |
See Also |