Device Certificates
Device certificates are installed
and configured during the SLX and NPB device registration in XCO.
During the registration of an SLX device in XCO, the following certificates are
installed on the device:
- OAuth Certificate: The public
certificate for verifying an XCO token is copied to the device.
This is the JWT Certificate described in XCO Certificates.
- Syslog Certificate: To push
messages to XCO over port 6514.
- HTTPS Certificate: To enable
secure communication with the clients.
During the registration of a NPB device in XCO, the following certificates are installed
on the device:
- GRPC Certificate: To
enable secure communication with the clients.
- Syslog Certificate: To
push messages to XCO over port 6514.
Along with the certificate installation, the following configuration changes are done on
the registered SLX device:
- HTTP mode is disabled on the device,
and HTTPS is enabled.
- OAuth2 is enabled as the primary mode
of authentication. Fallback is set to "local login."
Along with the certificate installation, the following configuration change is done on
the registered NPB device:
- Configure the grpc-server
- Assign the certificate ID
Use the efa inventory device
list command to verify the status of the certificates on the device. If
the Cert/Key Saved
column contains "N," then certificates are not installed.