Truststore (validation credentials) commands
Truststore mode provides the commands to create or modify a truststore.
To enter the mode, use the crypto valcred command. To delete a truststore, use the no valcred command.
While in this mode, use the commands in the following table to define the truststore.
- To view the current configuration, use the show command.
- To restore default values, use the reset command.
- To exit this configuration mode without saving changes to the running configuration, use the cancel command.
- To exit this configuration mode and save changes to the running configuration, use the exit command.
| Command | Purpose |
|---|---|
| admin-state | This command sets the administrative state for the configuration. |
| cert-validation-mode | This command sets the validation method for certificates in the truststore. |
| certificate | This command adds a certificate to the truststore. |
| check-dates | This command controls whether to check the current date against the
NotBefore value and the NotAfter value in the X.509 certificates
and CRLs during certificate validation. |
| crldp | This command controls support for the X.509 Certificate Distribution Point certificate extension. |
| explicit-policy | This command controls support for the initial explicit policy variable. |
| initial-policy-set | This command identifies a certificate policy for the truststore. |
| require-crl | This command mandates CRL use during certificate chain processing. |
| summary | This command specifies the brief, descriptive summary for the object instance. |
| use-crl | This command enables but does not require the use of certificate revocation lists during certificate chain processing. |