efa certificate device
install
Installs HTTPS and OAuth2 certificates
on SLX devices.
Syntax
efa certificate device
install
[
--ip
ip-addr
|
--fabric
fabric-name
|
--certType
{ https | token
}|
--https-certificate
|
--https-key
|
--force
]
Command Default
By default, certificates are not installed.
Parameters
- --ip
ip-addr
- Specifies a comma-separated list of the IP
addresses of the SLX devices on which you want to install the
certificate.
- --fabric
fabric-name
- Specifies the name of the fabric.
- --certType
{
https |
token
}
- Specifies the type of certificate you are
installing. If you do not specify a type, this command creates both
types.
-
--https-certificate
- Specifies the file name of the
certificate.
-
--https-key
- Specifies the file name of the certificate
key.
- --force
- Update the certificate even if it is already present.
Usage Guidelines
During the registration of an SLX device in
XCO, the following
configuration changes are made on the device.
- The public certificate for
verifying an XCO token is copied to the device as an
OAuth2 certificate.
- XCO
generates the HTTPS certificate for the SLX device. The certificate is
copied to the device, HTTP mode is turned off on the device, and HTTPS is
enabled on the device.
- OAuth2 is enabled as the
primary mode of authentication. Fallback is set to "local login."
You can use the efa inventory device list command to verify the
status of the certificates on the device. If the Cert/Key Saved column
contains "N," then certificates are not installed. You can then use the efa
certificates device install command to install the certificates.
Examples
This example installs the HTTPS certificate on two devices.
efa certificates device install --ip 10.139.44.147-148 --certType https
+---------------+---------+
| IP Address | Status |
+---------------+---------+
| 10.139.44.148 | Success |
+---------------+---------+
| 10.139.44.147 | Success |
+---------------+---------+
This example installs the HTTPS certificate the devices in fabric fabric1. It will update the certificates even if already present.
efa certificates device install -–fabric fabric1 --certType https --force
+---------------+---------+
| IP Address | Status |
+---------------+---------+
| 10.139.44.148 | Success |
+---------------+---------+
| 10.139.44.147 | Success |
+---------------+---------+