Loading a local certificate
To load a local certificate (single certificate/certificate chain), execute the following command.
Syntax
(Switch_Name#)copy tftp local-certificate
<ip-addr><file-name>
(Switch_Name#)copy sftp local-certificate
[user <user-name>] [<ip-addr/ipv6-addr/host-name-str>] [<username@ip-str>] <filename> [port <1-65535>]
Options
ta-certificate
Copy a Trust Anchor certificate to the device.
ta-profile-name
The Trust Anchor Profile associated with the certificate.
local certificate
Local Certificate to be copied.
ip-addr
IP address of the server.
file-name
Name of the certificate file.
ipv6–addr
Specify TFTP server IPv6 address.
host-name-str
Specify hostname of the SFTP server.
user
Specify the username on the remote system.
username@ip-str
Specify the username along with remote system information (hostname, IPv4 or IPv6 address.)
port
TCP port of the SSH server on the remote system.
NOTE: The loaded certificate is validated against a pending Certificate Request and the maximum number of intermediate certificates allowed is 3 (with a maximum of 5 certificates in a chain). Intermediate certificates must either be loaded before the local certificate or are included as part of the local certificate.