Import or Replace an HTTPS Certificate

Before you begin

  • Only admin users can perform this procedure.
  • The HTTPS certificate file must be in PEM or PKCS format.

About this task

Perform this procedure to import or replace an HTTPS certificate on the ingress controller. Applications communicating with the 9920 device are secured with TLS. For additional security, a third-party certificate can replace the default certificates. The third-party certificate can be shared with client applications to validate the server. The IP address of the 9920 device should present in the SAN and the common name of third-party server certificates.
Note

Note

If an IP address mismatch occurs between the 9920 device and the server certificate SAN IP, authentication fails during TLS connection.

Procedure

Import or replace an HTTPS certificate.
device# crypto import type https protocol scp host host address certificate cert.pem key key.pem user remote-user password remote-password

Installing https certificate will result in a momentary delay and may affect active CLI connections - please be patient.