Imports a TLS server certificate and a private key in PKCS12 format.
Note
As a best practice, do not list the password in the command line for security purposes. The user is prompted for the password.Exec mode
Use this command to import a TLS server certificate and private key (in PKCS12 format) to device and establish a secure connection.
The [no] form of the command removes PKCS-format files.
The no crypto import type https command removes the installed PKCS-format files.
Message | Reason |
---|---|
SCP/SFTP validation failed | Importing certificate failed. Please verify certificate location and user credentials/parameters. |
Invalid credentials or server not accessible | Importing certificate failed. Please verify certificate location and user credentials/parameters. |
Certificate validation failed | Error: Importing certificate failed due to invalid file format or validation failed. |
Username validation failed | Error: Importing certificates failed. Username length should be between 1 and 64 characters. |
IP address validation failed | Importing certificates failed. Only valid IPv4 or IPv6 unicast address is supported. |
Cert/key file name validation failed | Importing certificates failed. File name length should be between 1 and 512. |
The following example specifies HTTPS authentication and SCP for the certificate file ngnpb.pkcs.
device# crypto import-pkcs protocol scp type https host 10.24.12.111 user testuser password password file ngnpb.pkcs pkcspassphrase passphrase HTTPS server certificate imported. Installing https certificate will result in a momentary delay and may affect active CLI connections - please be patient. Successfully imported file: ngnpb.pkcs
The following example removes the installed PKCS-format files.
device# no crypto import-pkcs type https
Note
no crypto import type https
also removes the installed PKCS-format files.