dkochhar
Staff
Article Id: 273775
Description: This article describes how to rename a certificate on the FortiGate.
Scope: FortiGate.
Solution

The following commands can be used to check whether a certificate can be renamed. The '?' command is used to show the list of all available sub-commands in a particular context.

 

config vpn certificate {local | ca | remote | ocsp-server | crl}
?

 

edit: Add/edit a table value.
delete: Delete a table value.
purge: Clear all table values.
rename: Rename a table entry.  <----- Rename is available.
get: Get dynamic and system information.
show: Show configuration.
end: End and save the last config.

 

The rename command can then be used as shown below:

FGT(ca) # rename <old-cert_name> to <new-cert_name>

 

The following example shows how to change the name of the CA cert:

 

FGT# config vpn certificate ca

FGT(ca) # show
    config vpn certificate ca
        edit "CA_Cert_1"
            set range global
        next
    end

 

FGT(ca) # rename CA_Cert_1 to FSRAO_CA_CERT

 

FGT(ca) # show
    config vpn certificate ca
        edit "FSRAO_CA_CERT"             <----- Cert is renamed.
            set range global
        next
    end

 

Renaming a certificate can disrupt services that rely on the old certificate name. To list the services using the certificate, run:

 

diagnose vpn certificate list-usage <old-cert_name>
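
As an offline cross-check of that usage listing, the following added example (not part of the original article and not Fortinet tooling) scans a saved configuration backup for `set` lines that quote the old certificate name and reports the configuration block each one sits in. The backup text is a constructed sample, `find_cert_references` is a hypothetical helper name, and the script assumes object names are double-quoted in the backup.

```python
import re

# Constructed sample of a FortiGate configuration backup (not from a real device).
SAMPLE_BACKUP = '''\
config vpn certificate ca
    edit "CA_Cert_1"
        set range global
    next
end
config user peer
    edit "branch-peer"
        set ca "CA_Cert_1"
    next
end
config vpn ipsec phase1-interface
    edit "to-branch"
        set interface "wan1"
        set peer "branch-peer"
    next
end
'''

def find_cert_references(backup_text, cert_name):
    """Return (config path, line number, line) for each 'set' line quoting cert_name."""
    stack = []  # currently open 'config' / 'edit' blocks, outermost first
    hits = []
    for lineno, raw in enumerate(backup_text.splitlines(), 1):
        line = raw.strip()
        if line.startswith(("config ", "edit ")):
            stack.append(line)
        elif line == "next" and stack and stack[-1].startswith("edit "):
            stack.pop()  # 'next' closes the innermost 'edit'
        elif line == "end" and stack and stack[-1].startswith("config "):
            stack.pop()  # 'end' closes the innermost 'config'
        elif line.startswith("set "):
            # Compare whole quoted values so CA_Cert_1 does not match CA_Cert_10.
            if cert_name in re.findall(r'"([^"]*)"', line):
                hits.append((" / ".join(stack), lineno, line))
    return hits

if __name__ == "__main__":
    for path, lineno, line in find_cert_references(SAMPLE_BACKUP, "CA_Cert_1"):
        print(f"line {lineno}: {path}: {line}")
```

The certificate's own `edit "CA_Cert_1"` entry is not reported, only the objects that point at it.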