Cisco Systems SR-207 Examples, Command, Description, sam delete certificate, show sam certificate

Models: SR-207

1 22
Download 22 pages 27.39 Kb
Page 3
Image 3
Examples

Software Authentication Manager Commands on Cisco IOS XR Software

sam add certificate

 

 

 

 

requires user authentication. Another example is acquiring the certificate from a person or entity that

 

 

 

 

you can verify, such as by checking the identification badge for a person. If you bypass the validation

 

 

 

 

protection offered by the SAM, you must verify the identity and integrity of the certificate by some other

 

 

 

 

valid process.

 

 

 

 

 

Certificates added to the memory (mem) location validate software installed in memory. Certificates

 

 

 

 

added to the disk0 or disk1 location validate software installed on those devices, respectively.

 

 

 

 

 

Note

 

If the sam add certificate command fails with a message indicating that the certificate has expired, the

 

 

 

 

networking device clock may have been set incorrectly. Use the show clock command to determine if

 

 

 

 

the clock is set correctly.

 

 

 

 

 

 

 

 

 

 

 

 

Examples

 

The following example shows how to add the certificate found at /bootflash/ca.bin to the certificate table

 

 

 

 

in the root location without first validating the certificate:

 

 

 

 

RP/0/RP0/CPU0:router# sam add certificate /bootflash/ca.bin root trust

 

 

 

 

SAM: Successful adding certificate /bootflash/ca.bin

 

 

 

 

The following example shows how to add the certificate found at /bootflash/css.bin to the certificate

 

 

 

 

table in the memory (mem) location after validating the certificate:

 

 

 

 

RP/0/RP0/CPU0:router# sam add certificate /bootflash/css.bin mem untrust

 

 

 

 

SAM: Successful adding certificate /bootflash/css.bin

 

 

 

 

 

 

Related Commands

 

Command

Description

 

 

 

 

 

 

 

 

 

 

sam delete certificate

Deletes a certificate from the certificate table.

 

 

 

 

 

 

 

 

 

 

show sam certificate

Displays records in the certificate table, including the location of the

 

 

 

 

 

certificates.

 

 

 

 

 

 

 

 

 

 

show clock

Displays networking device clock information.

 

 

 

 

 

 

Cisco IOS XR System Security Command Reference

SR-209
Page 3
Image 3
Cisco Systems SR-207 Examples, Command, Description, sam delete certificate, show sam certificate, show clock, SR-209