File transfer
To load a Trust Anchor Certificate against a TA profile, execute the following command.
NOTE: The TA profile must exist for the command to succeed. | |
Syntax
(config#)copy tftp ta-certificate
ta-profile-name
<ip-addr/ipv6-addr>
filename
or
copy sftp ta-certificate
ta-profile-name
ip-addr/ipv6-addr|host-name-str
user<user-name>|username@ip-str
port <TCP-port>
FILE-NAME
Syntax
Options
ta-certificate
Copy a Trust Anchor certificate to the device.
ta-profile-name
The Trust Anchor Profile associated with the certificate.
ip-addr
IP address of the server.
file-name
Name of the certificate file.
ipv6-addr
Specify TFTP server IPv6 address.
host-name-str
Specify hostname of the SFTP server.
user
Specify the username on the remote system.
username@ip-str
Specify the username along with remote system information (hostname, IPv4 or IPv6 address.)
port
TCP port of the SSH server on the remote system.
Syntax
Copy a Trust Anchor (TA) certificate to the device using TFTP:
Copy tftp
[file-name]
local-certificate[<ip-addr/ipv6-addr>]
Copy a Trust Anchor (TA) certificate to the device using SFTP:
Copy SFTP [
file-name
] local-certificate [<ip-addr/ipv6-addr/host-name-str>][user <user-name>] [username@ip-str <filename>]
The file is checked immediately upon completion of transfer and results written to the CLI. The file can be in PEM-encoded or DER-encoded (binary) PKCS#7 format. If the certificate subject matches an existing TA certificate associated with the specified TA profile, then the new certificate updates the existing certificate.
Any certificate which is a root or intermediate certificate will be accepted as a TA certificate. There is no check for the subject.