You can upload HTTPS and Token certificate on the devices using the following command:
efa certificate device install --help Install certificates on devices Usage: efa certificate device install [flags] Flags: --ip string Comma separated range of device IP addresses. Example: 1.1.1.1-3,1.1.1.2,2.2.2.2 --fabric string Specify the name of the fabric --cert-type string Certificate Type (https | token) --https-certificate string Local path to the certificate pem file --https-key string Local path to the key pem file --force Update the certificate even if already present --- Time Elapsed: 3.350424ms ---
Note
Fabric and multiple IP do not work withhttps|token
(efa
certificates device install --ips <ip-adddr> certType [
http|token]).Use the following command to install the certificates on multiple devices:
efa certificates device install --ip 10.139.44.147-148 --certType https +---------------+---------+ | IP Address | Status | +---------------+---------+ | 10.139.44.148 | Success | +---------------+---------+ | 10.139.44.147 | Success | +---------------+---------+
Use the following command to install the HTTPS certificates on the devices in fabric fabric1. If the force option is used, it will update the certificates even if already present:
efa certificates device install -–fabric fabric1 --certType https --force +---------------+---------+ | IP Address | Status | +---------------+---------+ | 10.139.44.148 | Success | +---------------+---------+ | 10.139.44.147 | Success | +---------------+---------+
When you enter the force option, certificates on the devices of interest are updated whether they currently exist or not. If you do not enter the force option, the update reverts to only installing certificates on input devices that do not have them.
Example:
Certificates on SLX 10.139.44.147 before and after force: SLX# show crypto ca certificates Certificate Type: https; Trustpoint: none certificate: SHA1 Fingerprint=CA:7D:13:C6:44:05:71:24:6B:BC:D4:C2:75:95:B6:53:AE:74:03:C0 Subject: CN=slx-10.139.44.147.extremenetworks.com Issuer: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation Intermediate, CN=EFA Intermediate CA/emailAddress=support@extremenetworks.com Not Before: Aug 2 13:42:05 2022 GMT Not After : Aug 2 13:42:05 2024 GMT syslog CA certificate(Server authentication): SHA1 Fingerprint=C4:23:B1:A9:6B:DD:45:6C:AA:9B:85:10:63:65:0E:02:77:7D:68:49 Subject: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation Intermediate, CN=EFA Intermediate CA/emailAddress=support@extremenetworks.com Issuer: C=US, ST=CA, L=SJ, O=Extreme Networks, OU=Extreme Fabric Automation, CN=efa.extremenetworks.com/emailAddress=support@extremenetworks.com Not Before: Sep 2 13:14:01 2022 GMT Not After : Aug 30 13:14:01 2032 GMT oauth2 certificate(OAuth2 token signature validation): SHA1 Fingerprint=57:55:2F:7A:F0:DB:23:CF:37:67:8D:AE:82:35:D8:2D:18:00:17:9E Subject: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation, CN=extremenetworks.com Issuer: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation, CN=extremenetworks.com Not Before: Sep 2 13:26:27 2022 GMT Not After : Aug 30 13:26:27 2032 GMT
SLX# show crypto ca certificates Certificate Type: https; Trustpoint: none certificate: SHA1 Fingerprint=73:06:CD:84:F3:C9:12:49:70:88:57:4A:A5:97:43:91:6A:BA:98:A1 Subject: CN=slx-10.139.44.147.extremenetworks.com Issuer: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation Intermediate, CN=EFA Intermediate CA/emailAddress=support@extremenetworks.com Not Before: Aug 2 13:44:24 2022 GMT Not After : Aug 2 13:44:24 2024 GMT syslog CA certificate(Server authentication): SHA1 Fingerprint=C4:23:B1:A9:6B:DD:45:6C:AA:9B:85:10:63:65:0E:02:77:7D:68:49 Subject: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation Intermediate, CN=EFA Intermediate CA/emailAddress=support@extremenetworks.com Issuer: C=US, ST=CA, L=SJ, O=Extreme Networks, OU=Extreme Fabric Automation, CN=efa.extremenetworks.com/emailAddress=support@extremenetworks.com Not Before: Sep 2 13:14:01 2022 GMT Not After : Aug 30 13:14:01 2032 GMT oauth2 certificate(OAuth2 token signature validation): SHA1 Fingerprint=57:55:2F:7A:F0:DB:23:CF:37:67:8D:AE:82:35:D8:2D:18:00:17:9E Subject: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation, CN=extremenetworks.com Issuer: C=US, ST=CA, O=Extreme Networks, OU=Extreme Fabric Automation, CN=extremenetworks.com Not Before: Sep 2 13:26:27 2022 GMT Not After : Aug 30 13:26:27 2032 GMT