API Guide
crypto crl install
Installs the Certificate Revocation List files that you copied to the switch.
Syntax
crypto crl install crl-path [crl-filename]
Parameters
● crl-path — Enter the path to the directory where the CRL is downloaded.
● crl-filename — (Optional) Enter the CRL filename that you copied to the switch.
Default Not configured
Command Mode EXEC
Usage
Information
Before you use the crypto crl install command, copy a CRL to the home:// or usb://
directory. If you do not enter a CRL filename in the command, you can copy and paste it when prompted.
Use the show crypto crl command to view the CRLs that are already installed on the switch. In the
show output, the CRLs displayed under Manually installed CRLs are installed using the crypto
crl install command.
Example
OS10# copy scp:///tftpuser@10.11.178.103:/crl_example_file.pem home://
password:
OS10# crypto crl install home://
Network_Solutions_Certificate_Authority.0.crl.pem
OS10# show crypto crl
--------------------------------------
| Manually installed CRLs |
--------------------------------------
Network_Solutions_Certificate_Authority.0.crl.pem
--------------------------------------
| Downloaded CRLs |
--------------------------------------
Supported
Releases
10.5.0 or later
crypto fips enable
Enables FIPS mode.
Syntax
crypto fips enable
Parameters None
Default Not configured
Command mode EXEC
Usage
information
You can use OS10 in FIPS 140-2 compliant mode. In this mode, applications restrict their use of
cryptographic algorithms to those supported by the NIST FIPS 140-2 standard and certification process.
When you enable FIPS mode:
● The SSH service restarts. Existing SSH sessions are not affected. Only new SSH sessions operate in
the enabled FIPS mode.
● SSH host keys are regenerated.
● If SNMPv3 is configured with privacy settings, it operates in FIPS mode.
If you enable FIPS using the crypto fips enable command, RADIUS over TLS operates in FIPS
mode. In FIPS mode, RADIUS over TLS requires that a FIPS-compliant certificate and key pair are
installed on the switch.
Example
OS10# crypto fips enable
1074 Security