Displays the various certificates stored within the TPM chip.
EXEC mode
This example uses the show system command to view the current state of the provisioning state of the TPM chip on the device.
SLX# show system
Stack MAC : 40:88:2f:c1:b4:1d
-- UNIT 0 --
Unit Name : SLX
Up Time : up 23 min
Current Time : 21:32:02 GMT
SLX-OS Version : 20.2.3
Jumbo Capable : yes
Burned In MAC : 40:88:2f:c1:b4:18
.
.
-- Fan Status --
Fan 1 is Ok, speed is 6400 RPM
Fan 2 is Ok, speed is 6400 RPM
Fan 3 is Ok, speed is 6560 RPM
Fan 4 is Ok, speed is 6400 RPM
Fan 5 is Ok, speed is 6400 RPM
Fan 6 is Ok, speed is 6400 RPM
-- TPM Status --
TPM Provision status: Provisioned
SLX#
This example displays the options available for the show tpm command.
SLX# show tpm
Possible completions:
ekcert Show Endorsement Key (EK) certificate
iakcert Show Initial Attestation Key (IAK) certificate
idevidcert Show Initial Device Identifier (IDevID) certificate
This example displays the EK certificate
SLX# show tpm ekcert
SHA1 Fingerprint=5C:7D:FE:A7:95:DD:01:44:99:3C:14:F1:A1:AA:50:7D:E3:44:15:11
Issuer: C=DE, O=Infineon Technologies AG, OU=OPTIGA(TM) TPM2.0, CN=Infineon OPTIGA(TM) RSA Manufacturing CA 034
Not Before: Jul 18 20:01:45 2020 GMT
Not After : Jul 18 20:01:45 2035 GMT
This example displays the IAK certificate
SLX# show tpm iakcert
SHA1 Fingerprint=59:B8:FE:E2:73:5A:35:B5:D6:B9:F8:B3:BB:7B:04:FD:9A:E7:6D:5E
Subject: C=US, O=Fake, OU=Trusted Delivery, CN=8720-32C:TH012045Q-40001
Issuer: C=US, O=Fake, OU=Trusted Delivery, CN=Fake TD E-0 Switch LCA 20200731
Not Before: Nov 23 14:24:21 2020 GMT
Not After : Nov 23 14:23:21 2035 GMT
This example displays the IDevID certificate
SLX# show tpm idevidcert
SHA1 Fingerprint=2F:1A:B8:E7:CB:D7:67:D2:3B:81:FB:F8:60:16:06:AF:21:FE:D9:AF
Subject: C=US, O=Fake, OU=Trusted Delivery, CN=8720-32C:TH012045Q-40001
Issuer: C=US, O=Fake, OU=Trusted Delivery, CN=Fake TD E-0 Switch LCA 20200731
Not Before: Nov 23 14:24:22 2020 GMT
Not After : Nov 23 14:23:22 2035 GMT