download ssl privkey

download ssl ipaddress privkey key_file

Description

Permits downloading of a private key from files stored in a TFTP server.

Syntax Description

ipaddress Specifies the IP address of the TFTP server.
key_file Specifies the name of the private key file.

Default

N/A.

Usage Guidelines

If the operation is successful, the existing private key is overwritten.

After a successful download, a check is performed to find out whether the private key downloaded matches the public key stored in the certificate. If the private and public keys do not match, the switch displays a warning similar to the following: Warning: The Private Key does not match with the Public Key in the certificate. This warning acts as a reminder to also download the corresponding certificate.

The certificate and private key file should be in PEM format and generated using RSA as the cryptography algorithm.

Downloaded certificates and keys are not saved across switch reboots unless you save your current switch configuration. Once you issue the save command, the downloaded certificate is stored in the configuration file and the private key is stored in the EEPROM.

Remote IP Address Character Restrictions

This section provides information about the characters supported by the switch for remote IP addresses.

When specifying a remote IP address, the switch permits only the following characters:
  • Alphabetical letters, upper case and lower case (A-Z, a-z).
  • Numerals (0-9).
  • Period ( . ).
  • Colon ( : ).

When configuring an IP address for your network server, remember the requirements listed above.

Remote Filename Character Restrictions

This section provides information about the characters supported by the switch for remote filenames.

When specifying a remote filename, the switch permits only the following characters:
  • Alphabetical letters, upper case and lower case (A-Z, a-z).
  • Numerals (0-9).
  • Period ( . ).
  • Dash ( - ).
  • Underscore ( _ ).
  • Slash ( / ).

When naming a remote file, remember the requirements listed above.

Example

The following command downloads a private key from a TFTP server with the IP address of 123.45.6.78:
download ssl 123.45.6.78 privkey t00Ts1e

History

This command was first available in the ExtremeXOS 11.2 and supported with the SSH module.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.