Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

1700

NOTE: After the certificate is successfully installed, the private key is deleted

from the specified location and copied to the hidden location in NVRAM.

password

passphrase

(Optional) Enter the keyword password followed by the password phrase used to

decrypt the private key.

NOTE: You can generate the private key and certificate on another host.

While doing so, you must keep the private key encrypted with a passphrase

so that the private key is not compromised during transport. The password

phrase acts a facility to decrypt the private key before installing it on the

switch.

Defaults NA.

Command Modes EXEC Privilege

Command History

This guide is platform-specific. For command information about other platforms, see the relevant Dell Networking

OS Command Line Reference Guide.

The following is a list of the Dell Networking OS version history for this command.

Version Description

9.11.0.0 Introduced the command.

Usage Information

The following RBAC roles are allowed to issue this command:

• sysadmin

• secadmin

Certain parameters must be met in order for this command to succeed:

• The downloaded certificate should be formatted properly.

• In order for verification to work, the CA certificate must be installed on the system before running this

command.

• The downloaded certificate’s public key must correspond to the private key.

• If the certificate is not self-signed, then the CA certificate (from the CA that has signed the certificate) must

be installed on the system prior to running this command for verification to work.

NOTE: It is possible for the switch to store two types of certificates: one for the FIPS mode and one

for the non-FIPS mode. If the system is in FIPS mode, the certificate is installed as the FIPS

certificate. If the system is in non-FIPS mode, the certificate is installed as the non-FIPS certificate.

When FIPS mode is enabled or disabled, the certificates (and keys) are switched by the system.

NOTE: For the switch, there are two possible certificates stored - one for FIPS mode, one for non-

FIPS mode. If the system is in FIPS mode, the certificate will be installed as the FIPS certificate. If the

system is in non-FIPS mode, the certificate will be installed as the non-FIPS certificate. When FIPS

mode is enabled/disabled, the certificates (and keys) are switched by the system.

Related Commands

• crypto ca-cert install

1702 X.509v3