cancel
Showing results for 
Search instead for 
Did you mean: 

Certificates on EXOS switches

Certificates on EXOS switches

TignerD
New Contributor

Is there a way to upload a certificate from a CA to EXOS switches, 440G2? 

1 ACCEPTED SOLUTION

Brent_Addis
Contributor

Yus!

 

1. Access the Switch

  • Connect to your Extreme switch via a console cable or SSH.

2. Prepare the Certificate

  • Ensure your CA certificate is in the correct format, usually PEM (Base64 encoded).
  • Make sure the certificate file is accessible on a server or your local machine if you're using SCP or TFTP to transfer the file to the switch.

3. Transfer the Certificate to the Switch

  • You can use TFTP, FTP, or SCP to transfer the certificate file to the switch. The exact command can vary depending on the method you choose. Here's how you might do it with TFTP:

     
    download image tftp://<TFTP_SERVER_IP>/<CERTIFICATE_FILE_NAME> vr <VR-Name>

    Replace <TFTP_SERVER_IP> with your TFTP server's IP address, <CERTIFICATE_FILE_NAME> with the name of your certificate file, and <VR-Name> with the appropriate VR, usually VR-Default.

4. Install the Certificate

  • After transferring the certificate to the switch, you need to install it. Use the following command to install the CA certificate:

     
  • create crypto ca-certificate <CERTIFICATE_NAME>

    Replace <CERTIFICATE_NAME> with a name for your certificate. You'll then be prompted to paste the content of the certificate. Paste the entire content of your CA certificate file, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

5. Save Your Configuration

  • To ensure that your changes are persistent across reboots, save the configuration:

     
  • save configuration

6. Verify the Installation

  • After installing the certificate, it's a good practice to verify that it's correctly installed and recognized by the system. You might use a command like:

     
show crypto ca-certificate <CERTIFICATE_NAME>

This should display the details of the installed certificate.

-----
-Brent Addis / Extreme Black Belt #491

New to Extreme? Check out the Welcome series here - https://training.extremenetworks.com/welcome-series-1
Want to join the official Extreme learners discord? Let me know!

View solution in original post

1 REPLY 1

Brent_Addis
Contributor

Yus!

 

1. Access the Switch

  • Connect to your Extreme switch via a console cable or SSH.

2. Prepare the Certificate

  • Ensure your CA certificate is in the correct format, usually PEM (Base64 encoded).
  • Make sure the certificate file is accessible on a server or your local machine if you're using SCP or TFTP to transfer the file to the switch.

3. Transfer the Certificate to the Switch

  • You can use TFTP, FTP, or SCP to transfer the certificate file to the switch. The exact command can vary depending on the method you choose. Here's how you might do it with TFTP:

     
    download image tftp://<TFTP_SERVER_IP>/<CERTIFICATE_FILE_NAME> vr <VR-Name>

    Replace <TFTP_SERVER_IP> with your TFTP server's IP address, <CERTIFICATE_FILE_NAME> with the name of your certificate file, and <VR-Name> with the appropriate VR, usually VR-Default.

4. Install the Certificate

  • After transferring the certificate to the switch, you need to install it. Use the following command to install the CA certificate:

     
  • create crypto ca-certificate <CERTIFICATE_NAME>

    Replace <CERTIFICATE_NAME> with a name for your certificate. You'll then be prompted to paste the content of the certificate. Paste the entire content of your CA certificate file, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

5. Save Your Configuration

  • To ensure that your changes are persistent across reboots, save the configuration:

     
  • save configuration

6. Verify the Installation

  • After installing the certificate, it's a good practice to verify that it's correctly installed and recognized by the system. You might use a command like:

     
show crypto ca-certificate <CERTIFICATE_NAME>

This should display the details of the installed certificate.

-----
-Brent Addis / Extreme Black Belt #491

New to Extreme? Check out the Welcome series here - https://training.extremenetworks.com/welcome-series-1
Want to join the official Extreme learners discord? Let me know!
GTM-P2G8KFN