Manualshelf

API Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4248FB-ON /S4248FBL-ON
1061106210631064106510661067106810691070
Usage
information
When you enable VLT or a fabric automation application, switches that participate in the cluster use
secure channels to communicate with each other. OS10 installs a default X.509v3 certificate-key pair to
establish secure channels between the peer devices in a cluster. If untrusted devices access the
management or data ports on the switch, replace the default certificate-key pair with a custom X.509v3
certificate-key pair using the cluster security-profile command. A security profile associates a
certificate and private key pair using the certificate command. The no form of the command deletes
the cluster security profile.
Example
OS10(config)# cluster security-profile secure-cluster
OS10(config)#
Supported
releases
10.4.3.0 or later
crypto ca-cert delete
Deletes a CA certificate.
Syntax
crypto ca-cert delete {ca-cert-filepath | all}
Parameters
ca-cert-filepath Enter the local path where the downloaded CA certificate is stored; for
example, home://CAcert.pem or usb://CA-cert.pem.
all Delete all CA certificates.
Default Not configured
Command mode EXEC
Usage
information
To display the currently installed CA certificates, use the show crypto ca-certs command.
Example
OS10# crypto ca-cert delete Amazon_Root_CA.crt
Successfully removed certificate
OS10# crypto ca-cert delete all
Proceed to delete all installed CA certificates? [confirm yes/
no(default)]:yes
Supported
releases
10.4.3.0 or later
crypto ca-cert install
Installs a certificate from a Certificate Authority that is copied to the switch.
Syntax
crypto ca-cert install ca-cet-filepath [filename]
Parameters
ca-cert-filepath Enter the local path where the downloaded CA certificate is stored; for
example, home://CAcert.pem or usb://CA-cert.pem.
filename (Optional) Enter the filename that the CA certificate is stored under in the OS10 trust
store directory. Enter the filename in the filename.crt format.
Default Not configured
Command mode EXEC
Usage
information
Before using the crypto ca-cert install command, copy the certificate to the home directory on
the switch using a secure connection, such as HTTPS, SCP, or SFTP. After successful installation, the
subject and issuer of the CA certificate are displayed. To delete a trusted certificate, use the crypto
ca-cert delete command.
Security 1069