Solved: Unknown PKI Command

adil.nasser3 · ‎09-18-2013

Hello,

I have been unsuccessful googling for a good understanding what this command does:

validation-usage ssl-client

It is configured under the "crypto ca trustpoint" command in our ASA, like for example:

crypto ca trustpoint XXXX

validation-usage ssl-client

I would appreciate a good clear explanation of what this command does or is for.

Thanks,

Adil

npokhriy · ‎09-18-2013

Hi Adil,

validation-usage

To specify the usage types for which validation with this trustpoint is allowed, use the validation-usage command in crypto ca trustpoint configuration mode. To not specify the usage types, use the no form of the command.

validation-usage ipsec-client | ssl-client | ssl-server

no validation-usage ipsec-client | ssl-client | ssl-server

Syntax Description


ipsec-client	Indicates that IPsec client connections can be validated using this trustpoint.
ssl-client	Indicates that SSL client connections can be validated using this trustpoint.
ssl-server	Indicates that SSL server certificates can be validated using this trustpoint.

You can look in to below link aas well:-

http://www.cisco.com/en/US/docs/security/asa/command-reference/v.html#wp1834686

Regards,

Naresh

View solution in original post

npokhriy · ‎09-18-2013