Details
Creating an identity profile simplifies the generation of cryptographic certificates and certificate signing requests by defining commonly used subject information that is used to identify and authenticate a device using secure, encrypted protocols. ArubaOS-Switch stores one identity profile per device; creating a new profile overwrites an existing profile (if defined).
Solution
This command creates an example identity profile for a device with the hostname “switch”:
switch(config)# crypto pki identity-profile switch-id-profile subject common-name
switch country us state California locality Roseville org HPE org-unit Aruba
This identity profile will be used whenever a certificate or certificate request is generated later in this guide.
If no identity profile is defined, required subject fields (including the device common name, at a minimum) must be specified each time a cryptographic certificate signing request or self-signed certificate is generated. If a profile is present, the pertinent data is populated automatically.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system ArubaOS.