Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1241124212431244124512461247124812491250
A-57
Command-Line Reference
Global Configuration Context
certificates import
Use this command to use FTP, TFTP, or SCP to install the certificates on the
TMS zl Module. (These certificates are necessary for the module to use DSA
or RSA signatures for the IKE authentication method.)
Enter the following command to retrieve the CA certificate, IPsec certificate,
CRLs, and private keys:
Syntax: certificates import < ca | ipsec-cert | crl | private-key id <ID> > < ftp | scp>
<server address> <filename> user <username>
Syntax: certificates import < ca | ipsec-cert | crl | private-key id <ID> > tftp <server
address> <filename>
Replace <ID> with a string between 1 and 31 alphanumeric characters. The
string must be unique to the private key you are importing.
Replace <server address> with the IP address for your server.
Replace <filename> with the full certificate, CRL, or private key filename as
stored on the server. For example, c:/folder/cert.crt.
Replace <username> with the username on the account on your FTP or SCP
server. After entering this command, you will be prompted for the user’s
password.
For example:
ProCurve(tms-module-<slot ID>:config)# certificates
import ca ftp 192.168.11.23 c:/folder/cert.crt user user1
Password: ******
certificates scep
Use this command to configure the SCEP server. You can then use SCEP to
install the certificates that allow the TMS zl Module to use RSA signatures for
the IKE authentication method.
Note Before you begin to configure the settings for using SCEP to install certifi-
cates, make sure that the TMS zl Module has the correct time (show time). If
the module does not have the correct time, the SCEP process may fail. The
TMS zl Module takes its time from the host switch, so if you need to adjust the
time, you will need to configure the switch.