Crypto Pki Import Pem - Allied Telesis x510-28GTX Command Reference Manual

P K I C
UBLIC EY NFRASTRUCTURE OMMANDS

CRYPTO PKI IMPORT PEM

crypto pki import pem
Overview This command imports a certificate for the given trustpoint from a file in
Privacy-Enhanced Mail (PEM) format. The file may be transferred from the specified
destination URL, or entered at the terminal.
crypto pki import <trustpoint> pem [terminal|<url>]
Syntax
Default The PEM will be imported from the terminal by default.
Mode Privileged Exec
Usage The command is generally used for trustpoints representing external certificate
authorities. It accepts root CA certificates, intermediate CA certificates, and server
certificates. The system automatically detects the certificate type upon import.
Using this command to import root CA certificates at the terminal is identical to the
functionality provided by the crypto pki authenticate command, for external
certificate authorities. The imported certificate is validated to ensure it is a proper
CA certificate.
Intermediate CA certificates are validated to ensure they are proper CA certificates,
and that the issuer chain ends in a root CA certificate already installed for the
trustpoint. If there is no root CA certificate for the trustpoint (i.e., if the trustpoint is
unauthenticated) then intermediate CA certificates may not be imported.
Server certificates are validated to ensure that the issuer chain ends in a root CA
certificate already installed for the trustpoint. If there is no root CA certificate for
the trustpoint (i.e., if the trustpoint is unauthenticated) then server certificates may
not be imported.
The specified trustpoint must already exist. If the imported certificate is
self-signed, then no certificates may exist for the trustpoint. Otherwise, the issuer's
certificate must already be present for the trustpoint.
Example To import the PEM file for the trustpoint "example" from the terminal, use the
following commands:
awplus>
awplus#
C613-50170-01 Rev B
Parameter Description
<trustpoint>
The name of the trustpoint for which the root CA certificate is to
be imported.
terminal
Optional parameter, If specified, the command prompts the user
to enter (or paste) the PEM file at the terminal. If parameter is
specified terminal is assumed by default.
<url>
Optional parameter, If specified, the PEM file is transferred from
the specified URL
enable
crypto pki import example pem
Command Reference for x510 Series
AlliedWare Plus™ Operating System - Version 5.4.7-1.x
1960