File transfer

To load a Trust Anchor Certificate against a TA profile, execute the following command.


[NOTE: ]

NOTE: The TA profile must exist for the command to succeed.


Syntax

(config#)copy tftp ta-certificate ta-profile-name<ip-addr/ipv6-addr>filename

or

copy sftp ta-certificate ta-profile-name ip-addr/ipv6-addr|host-name-str user<user-name>|username@ip-str port <TCP-port> FILE-NAME

Syntax

Options

ta-certificate

Copy a Trust Anchor certificate to the device.

ta-profile-name

The Trust Anchor Profile associated with the certificate.

ip-addr

IP address of the server.

file-name

Name of the certificate file.

ipv6-addr

Specify TFTP server IPv6 address.

host-name-str

Specify hostname of the SFTP server.

user

Specify the username on the remote system.

username@ip-str

Specify the username along with remote system information (hostname, IPv4 or IPv6 address.)

port

TCP port of the SSH server on the remote system.

Syntax

Copy a Trust Anchor (TA) certificate to the device using TFTP:

Copy tftp [file-name]local-certificate [<ip-addr/ipv6-addr>]

Copy a Trust Anchor (TA) certificate to the device using SFTP:

Copy SFTP [file-name] local-certificate [<ip-addr/ipv6-addr/host-name-str>] [user <user-name>] [username@ip-str <filename>]

The file is checked immediately upon completion of transfer and results written to the CLI. The file can be in PEM-encoded or DER-encoded (binary) PKCS#7 format. If the certificate subject matches an existing TA certificate associated with the specified TA profile, then the new certificate updates the existing certificate.

Any certificate which is a root or intermediate certificate will be accepted as a TA certificate. There is no check for the subject.