You are here: Home > CLI Commands > Just_CLI_Topics > crypto pki-import

crypto pki-import

crypto pki-import

{der|pem|pfx|pkcs12|pkcs7}

CRLCertificate Revocation List. CRL is a list of revoked certificates maintained by a certification authority.

IntermediateCA

OCSPResponderCert

OCSPSignerCert

PublicCert

ServerCert

TrustedCA

<name> <filename> [<passphrase>]

Description

The command imports certificates for the captive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. feature.

Syntax

Parameter

Description

der

Import the following certificates in .der (Distinguished Encoding Rule) format.

pem

Import a certificate in X.509X.509 is a standard for a public key infrastructure for managing digital certificates and public-key encryption. It is an essential part of the Transport Layer Security protocol used to secure web and email communication. .pem (Privacy-enhanced Electronic Mail) format.

pfx

Import a certificate in .pfx (Personal inFormation eXchange) format.

pkcs12

Import a certificate in .p12 format.

pkcs7

Import a certificate in .p7c format.

CRL

Import a Certificate Revocation List.

IntermediateCA

Import an intermediate Certificate Authority (CACertificate Authority or Certification Authority. Entity in a public key infrastructure system that issues certificates to clients. A certificate signing request received by the CA is converted into a certificate when the CA adds a signature generated with a private key. See digital certificate.) certificate.

OCSPResponderCert

Import an Online Certificate Status Protocol (OCSPOnline Certificate Status Protocol. OCSP is used for determining the current status of a digital certificate without requiring a CRL. ) Responder certificate.

OCSPSignerCert

Import an OCSPOnline Certificate Status Protocol. OCSP is used for determining the current status of a digital certificate without requiring a CRL. Signer certificate.

PublicCert

Import a public certificate.

ServerCert

Import a server certificate.

TrustedCA

Import a trusted CACertificate Authority or Certification Authority. Entity in a public key infrastructure system that issues certificates to clients. A certificate signing request received by the CA is converted into a certificate when the CA adds a signature generated with a private key. See digital certificate. certificate.

<name> <filename> <passphrase>

name– Name of the certificate.

filename– Original imported file name of the certificate.

passphrase– Optional passphrase for storing the certificate private keyThe part of a public-private key pair that is always kept private. The private key encrypts the signature of a message to authenticate the sender. The private key also decrypts a message that was encrypted with the public key of the sender..
NOTE: The passphrase is not stored in the system. It is used during the import process only.

Usage Guidelines

Use this command in enable mode to install a CSRCertificate Signing Request. In PKI systems, a CSR is a message sent from an applicant to a CA to apply for a digital identity certificate. for the Captive PortalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. feature.

Example

The following command installs a server certificate in .der format.

(host) [md] #crypto pki-import der ServerCert cert_20

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

Licensing

Command Mode

All platforms

Base operating system.

Enable mode on Mobility Master

/*]]>*/