Software Authentication Manager Commands on Cisco IOS XR Software
sam add certificate
|
|
|
| requires user authentication. Another example is acquiring the certificate from a person or entity that | |
|
|
|
| you can verify, such as by checking the identification badge for a person. If you bypass the validation | |
|
|
|
| protection offered by the SAM, you must verify the identity and integrity of the certificate by some other | |
|
|
|
| valid process. |
|
|
|
|
| Certificates added to the memory (mem) location validate software installed in memory. Certificates | |
|
|
|
| added to the disk0 or disk1 location validate software installed on those devices, respectively. | |
|
|
|
|
| |
Note |
| If the sam add certificate command fails with a message indicating that the certificate has expired, the | |||
|
|
|
| networking device clock may have been set incorrectly. Use the show clock command to determine if | |
|
|
|
| the clock is set correctly. |
|
|
|
|
|
| |
|
|
|
|
|
|
Examples |
| The following example shows how to add the certificate found at /bootflash/ca.bin to the certificate table | |||
|
|
|
| in the root location without first validating the certificate: | |
|
|
|
| RP/0/RP0/CPU0:router# sam add certificate /bootflash/ca.bin root trust | |
|
|
|
| SAM: Successful adding certificate /bootflash/ca.bin | |
|
|
|
| The following example shows how to add the certificate found at /bootflash/css.bin to the certificate | |
|
|
|
| table in the memory (mem) location after validating the certificate: | |
|
|
|
| RP/0/RP0/CPU0:router# sam add certificate /bootflash/css.bin mem untrust | |
|
|
|
| SAM: Successful adding certificate /bootflash/css.bin | |
|
|
|
|
|
|
Related Commands |
| Command | Description | ||
|
|
|
|
|
|
|
|
|
| sam delete certificate | Deletes a certificate from the certificate table. |
|
|
|
|
|
|
|
|
|
| show sam certificate | Displays records in the certificate table, including the location of the |
|
|
|
|
| certificates. |
|
|
|
|
|
|
|
|
|
| show clock | Displays networking device clock information. |
|
|
|
|
|
|
Cisco IOS XR System Security Command Reference