JWT Verifier from EFA is pushed to SLX during registration.
SLX# show crypto ca certificates oauth2 certificate(OAuth2 token signature validation): SHA1 Fingerprint=57:55:2F:7A:F0:DB:23:CF:37:67:8D:AE:82:35:D8:2D:18:00:17:9E Subject: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation, CN=extremenetworks.com Issuer: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation, CN=extremenetworks.com Not Before: Sep 2 13:26:27 2022 GMT Not After : Aug 30 13:26:27 2032 GMT
Legacy notification is sent to the user if the certificate is going to expire in 30 days. It supports the following alerts which effects the health of EFA security subsystem:
For more information, see Fault Management.
(efa:extreme)extreme@tpvm:~$ efa certificate device install --ip=10.x.x.x --certtype= token +-------------+---------+ | IP Address | Status | +-------------+---------+ | 10.x.x.x | Success | +-------------+---------+ ---Time Elapsed: 27.233017418s ---
For more information about updating the certificates, see Manual Installation of Certificates on Devices.
On renewal of certificate, CertificateRenewalAlert
is raised which
changes the health of the system to green.