Use the template file (template.xml), located in the onecli folder, as an example of the correct syntax to use with the generate command for certificate management. You can modify this file to generate a certificate.
This table provides a list of the template.xml file variables and their definitions.
| Variables | Definition |
|---|---|
| Country Name | The two-letter ISO abbreviation for your country. |
| State or Province Name | The state or province where your organization is located. This entry cannot be abbreviated. |
| Locality Name | The city where your organization is located. |
| Organization Name | The exact legal name of your organization. Do not abbreviate your organization name. |
| Common Name | A fully qualified domain name that resolves to the SSL VPN device. For example, if you intend to secure the URL https://ssl.yourdomain.com, then the common name of the certificate sign request should be ssl.yourdomain.com. |
| Name | This is an optional field for entering a contact name. |
| Email Address | This is an optional field for entering a contact email address. |
| Organization Unit Name | This is an optional field for the name of the unit in your organization. |
| Surname | This is an optional field for entering a surname of contact person. |
| givenName | This is an optional field for entering a given name of contact name. |
| Initials | This is an optional field for entering initials of contact name. |
| dnQualifier | This is an optional field for entering the domain name qualifier. |
| Challenge password | This is an optional attribute. If you specify a challenge password in the certificate sign request, you must know the challenge password if you want to revoke the certificate later. |
| unstructuredName | This is an optional field for entering the unstructured name for contact |
template.xml
<?xml version="1.0" encoding="utf-8"?> <config version="2.1"> <new_key_and_self_signed_cert_info> <item type="Required"> <vectorID>0001</vectorID> <name>countryName</name> <value minlen="2" maxlen="2">XX</value> </item> <item type="Required"> <vectorID>0001</vectorID> <name>stateOrProvinceName</name> <value minlen="1" maxlen="30">XXXX</value> </item> <item type="Required"> <vectorID>0001</vectorID> <name>localityName</name> <value minlen="1" maxlen="50">XXXX</value> </item> <item type="Required"> <vectorID>0001</vectorID> <name>organizationName</name> <value minlen="1" maxlen="60">XXXX</value> </item> <item type="Required"> <vectorID>0001</vectorID> <name>commonName</name> <value minlen="1" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>Name</name> <value minlen="1" maxlen="60">XXXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>emailAddress</name> <value minlen="1" maxlen="60">XXXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>validityPeriod</name> <value minlen="0" maxlen="2">XX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>organizationalUnitName</name> <value minlen="0" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>Surname</name> <value minlen="0" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>givenName</name> <value minlen="0" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>Initials</name> <value minlen="0" maxlen="20">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>dnQualifier</name> <value minlen="0" maxlen="60">XXXX</value> </item> </new_key_and_self_signed_cert_info> <new_key_and_cert_sign_req_info> <item type="Required"> <vectorID>0001</vectorID> <name>countryName</name> <value minlen="2" maxlen="2">XX</value> </item> <item type="Required"> <vectorID>0001</vectorID> <name>stateOrProvinceName</name> <value minlen="1" maxlen="30">XXXX</value> </item> <item type="Required"> <vectorID>0001</vectorID> <name>localityName</name> <value minlen="1" maxlen="50">XXXX</value> </item> <item type="Required"> <vectorID>0001</vectorID> <name>organizationName</name> <value minlen="1" maxlen="60">XXXX</value> </item> <item type="Required"> <vectorID>0001</vectorID> <name>commonName</name> <value minlen="1" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>Name</name> <value minlen="1" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>emailAddress</name> <value minlen="1" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>organizationalUnitName</name> <value minlen="0" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>Surname</name> <value minlen="0" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>givenName</name> <value minlen="0" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>Initials</name> <value minlen="0" maxlen="20">XXXX</value> </item> <item type="Optional"> <vectorID>0001</vectorID> <name>dnQualifier</name> <value minlen="0" maxlen="60">XXXX</value> </item> <item type="Optional"> <vectorID>0002</vectorID> <name>challengePassword</name> <value minlen="6" maxlen="30">XXXX</value> </item> <item type="Optional"> <vectorID>0002</vectorID> <name>unstructuredName</name> <value minlen="1" maxlen="60">XXXX</value> </item> </new_key_and_cert_sign_req_info> </config>