Support User Manuals

Dell 6.2 Server User Manual

Open as PDF

of 869

638 | ManagementAccess DellPowerConnectW-SeriesArubaOS6.2 | User Guide

In the CLI

Use the following command to import CSR certificates:

crypto pki-import {der|pem|pfx|pkcs12|pkcs7} {PublicCert|ServerCert|TrustedCA} <name>

The following example imports a server certificate named cert_20 in DER format:

crypto pki-import der ServerCert cert_20

Viewing Certificate Information

In the WebUI, the Certificate Lists section of the page lists the certificates that are currently installed in the

controller. Click View to display the contents of a certificate.

To view the contents of a certificate with the CLI, use the following commands:

Command Description

show crypto-local pki

trustedCAs [<name>]<

[attribute>]

Displays the contents of a trusted CA certificate. If a name is not specified, all CA

certificates imported into the controller are displayed. If name and attribute are

specified, then only the attribute in the certificate are displayed. Attributes can be

CN, validity, serial-number, issuer, subject, public-key.

show crypto-local pki

serverCerts [<name>]

[<attribute>]

Displays the contents of a server certificate. If a name is not specified, all server

certificates imported into the controller are displayed.

show crypto-local pki

publiccert [<name>]

[<attribute>]

Displays the contents of a public certificate. If a name is not specified, all public

certificates imported into the controller are displayed.

Table 254:

Certificate Show Commands

Imported Certificate Locations

Imported certificates and keys are stored in the following locations in flash on the controller:

Location Description

/flash/certmgr/trustedCAs Trusted CA certificates, either for root or intermediate CAs. Best practices is to

import the certificate for an intermediate CA, you also import the certificate for the

signing CA.

/flash/certmgr/serverCerts Server certificates. These certificates must contain both a public and private key

(the public and private key must match). You can import certificates in PKCS12 and

X509 PEM formats, but they are stored in X509 PEM DES encrypted format.

/flash/certmgr/CSR Temporary certificate signing requests (CSRs) that have been generated on the

controller and are awaiting a CA to sign them.

/flash/certmgr/publiccert Public key of certificates. This allows a service on the controller to identify a

certificate as an allowed certificate.

Table 255:

Imported Certificate Locations

previous next