crypto import-pkcs

Imports a TLS server certificate and a private key in PKCS12 format.

Syntax

crypto import-pkcs type [ https ] protocol [ scp | sftp ] [ host ip-address ] [ file cert-file ] [ passphrase passphrase ] [ user remote-user ] [ password password ]

no crypto import type [ https ]

Parameters

protocol

scp: Specifies use of SCP for accessing the certificate file.
sftp: Specifies use of SFTP for accessing the certificate file.

type https

Indicates that the certificate is used for HTTPS server authentication.

host remote-ip

Specifies the IPv4 or IPv6 unicast address of the remote server where the file is located.

user remote-user

Specifies the remote user with access to the file. Supports 1-64 characters.

password remote-user-password

Specifies the password for the remote user.

Note

As a best practice, do not list the password in the command line for security purposes. The user is prompted for the password.

file certificate-and-key-file

Specifies the PKCS file to retrieve. Supports 1-512 characters.

pkcspassphrase passphrase

Specifies the passphrase to unlock the file. Supports 1-64 characters.

Modes

Exec mode

Usage Guidelines

Use this command to import a TLS server certificate and private key (in PKCS12 format) to a device and establish a secure connection.

The no form of the command removes the installed PKCS-format files.

Examples

The following example specifies HTTPS authentication and SCP for the certificate file ngnpb.pkcs.

device# crypto import-pkcs protocol scp type https host 10.24.12.111 user testuser password password file ngnpb.pkcs pkcspassphrase passphrase
 
HTTPS server certificate imported.

Installing https certificate will result in a momentary delay and may affect active CLI connections - please be patient.
Successfully imported file: ngnpb.pkcs

The following example removes the installed PKCS-format files.

device# no crypto import-pkcs type https