AT-S62 Command Line User’s Guide
517
Description
This command adds a certificate to the certificate database from the
AT-S62 file system. To view the certificate files in the file system, refer to
SHOW FILE on page 234. To view the certificates already in the database,
refer to SHOW PKI CERTIFICATE on page 530.
The CERTIFICATE parameter assigns the certificate a name. The name
can be from 1 to 40 alphanumeric characters. Each certificate in the
database should be given a unique name.
The LOCATION parameter specifies the filename of the certificate as
stored in the switch’s file system. When specifying the filename, be sure
to include the file extension “.cer”.
The TRUSTED parameter specifies whether the certificate is from a
trusted CA. The default is TRUE. Only self-signed root CA certificates are
typically set to be automatically trusted, and only after the user has
checked the certificate’s fingerprint and other details using SHOW PKI
CERTIFICATE on page 530.
The TYPE parameter specifies what type of certificate is being added.
Self signed certificates should be assigned a type of SELF. If CA is
specified, the switch tags this certificate as a CA certificate. If ENDENTITY
or EE is specified, the switch tags the certificate to indicate that it
belongs to an end entity, such as a public or private CA. The default is EE.
Note
The TRUSTED and TYPE parameters have no affect on the operation
of a certificate on the switch. You can select any permitted value for
either parameter, or you can omit the parameters. The parameters
are included only as placeholders for information in the certificate
database.
Example
The following command loads the certificate “sw12.cer” from the file
system into the certificate database. The certificate is assigned the name
“Switch 12 certificate”:
add pki certificate=”Switch 12 certificate”
location=”sw12.cer” type=self