summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2024-04-29 09:49:00 +0200
committerGitHub <noreply@github.com>2024-04-29 09:49:00 +0200
commit1d6c215d182f1b0e49376f49dab58c45a10704ab (patch)
tree74244e1affffc1712c3509a0b207b7c439ab18ea
parent744ce28fde9e870ece71c400b34924642a1ba78a (diff)
parente01a1e4a38da9bc79c9ecc16509d4273912c6534 (diff)
downloadvyos-documentation-1d6c215d182f1b0e49376f49dab58c45a10704ab.tar.gz
vyos-documentation-1d6c215d182f1b0e49376f49dab58c45a10704ab.zip
Merge pull request #1406 from vyos/update-translations-current
Github: update translations
-rw-r--r--docs/_locale/de/LC_MESSAGES/cli.mobin32548 -> 32712 bytes
-rw-r--r--docs/_locale/de/LC_MESSAGES/configuration.mobin1243467 -> 1245649 bytes
-rw-r--r--docs/_locale/de/cli.pot118
-rw-r--r--docs/_locale/de/configuration.pot41
-rw-r--r--docs/_locale/en/LC_MESSAGES/cli.mobin32548 -> 32712 bytes
-rw-r--r--docs/_locale/en/LC_MESSAGES/configuration.mobin1243428 -> 1245610 bytes
-rw-r--r--docs/_locale/es/LC_MESSAGES/cli.mobin34466 -> 34630 bytes
-rw-r--r--docs/_locale/es/LC_MESSAGES/configuration.mobin1323798 -> 1325980 bytes
-rw-r--r--docs/_locale/es/cli.pot118
-rw-r--r--docs/_locale/es/configuration.pot41
-rw-r--r--docs/_locale/ja/LC_MESSAGES/cli.mobin32535 -> 32699 bytes
-rw-r--r--docs/_locale/ja/LC_MESSAGES/configuration.mobin1243415 -> 1245597 bytes
-rw-r--r--docs/_locale/ja/cli.pot118
-rw-r--r--docs/_locale/ja/configuration.pot41
-rw-r--r--docs/_locale/pt/LC_MESSAGES/cli.mobin32556 -> 32720 bytes
-rw-r--r--docs/_locale/pt/LC_MESSAGES/configuration.mobin1243436 -> 1245618 bytes
-rw-r--r--docs/_locale/pt/cli.pot118
-rw-r--r--docs/_locale/pt/configuration.pot41
-rw-r--r--docs/_locale/uk/LC_MESSAGES/cli.mobin43191 -> 43355 bytes
-rw-r--r--docs/_locale/uk/LC_MESSAGES/configuration.mobin1641072 -> 1643254 bytes
-rw-r--r--docs/_locale/uk/cli.pot118
-rw-r--r--docs/_locale/uk/configuration.pot41
22 files changed, 510 insertions, 285 deletions
diff --git a/docs/_locale/de/LC_MESSAGES/cli.mo b/docs/_locale/de/LC_MESSAGES/cli.mo
index 458b4cbd..02f6fdee 100644
--- a/docs/_locale/de/LC_MESSAGES/cli.mo
+++ b/docs/_locale/de/LC_MESSAGES/cli.mo
Binary files differ
diff --git a/docs/_locale/de/LC_MESSAGES/configuration.mo b/docs/_locale/de/LC_MESSAGES/configuration.mo
index 8be9dc20..7318a633 100644
--- a/docs/_locale/de/LC_MESSAGES/configuration.mo
+++ b/docs/_locale/de/LC_MESSAGES/configuration.mo
Binary files differ
diff --git a/docs/_locale/de/cli.pot b/docs/_locale/de/cli.pot
index 71b339f5..70bb4156 100644
--- a/docs/_locale/de/cli.pot
+++ b/docs/_locale/de/cli.pot
@@ -28,23 +28,23 @@ msgstr "**Working configuration** is the one that is currently being modified in
msgid "A VyOS system has three major types of configurations:"
msgstr "A VyOS system has three major types of configurations:"
-#: ../../cli.rst:576
+#: ../../cli.rst:579
msgid "A reboot because you did not enter ``confirm`` will not take you necessarily to the *saved configuration*, but to the point before the unfortunate commit."
msgstr "A reboot because you did not enter ``confirm`` will not take you necessarily to the *saved configuration*, but to the point before the unfortunate commit."
-#: ../../cli.rst:690
+#: ../../cli.rst:693
msgid "Access opmode from config mode"
msgstr "Access opmode from config mode"
-#: ../../cli.rst:697
+#: ../../cli.rst:700
msgid "Access to these commands are possible through the use of the ``run [command]`` command. From this command you will have access to everything accessible from operational mode."
msgstr "Access to these commands are possible through the use of the ``run [command]`` command. From this command you will have access to everything accessible from operational mode."
-#: ../../cli.rst:651
+#: ../../cli.rst:654
msgid "Add comment as an annotation to a configuration node."
msgstr "Add comment as an annotation to a configuration node."
-#: ../../cli.rst:539
+#: ../../cli.rst:542
msgid "All changes in the working config will thus be lost."
msgstr "All changes in the working config will thus be lost."
@@ -52,7 +52,7 @@ msgstr "All changes in the working config will thus be lost."
msgid "All commands executed here are relative to the configuration level you have entered. You can do everything from the top level, but commands will be quite lengthy when manually typing them."
msgstr "All commands executed here are relative to the configuration level you have entered. You can do everything from the top level, but commands will be quite lengthy when manually typing them."
-#: ../../cli.rst:676
+#: ../../cli.rst:679
msgid "An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the `show firewall` command would return starting after the ``firewall {`` line, hiding the comment."
msgstr "An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the `show firewall` command would return starting after the ``firewall {`` line, hiding the comment."
@@ -72,11 +72,11 @@ msgstr "By default, the configuration is displayed in a hierarchy like the above
msgid "Command Line Interface"
msgstr "Command Line Interface"
-#: ../../cli.rst:701
+#: ../../cli.rst:704
msgid "Command completion and syntax help with ``?`` and ``[tab]`` will also work."
msgstr "Command completion and syntax help with ``?`` and ``[tab]`` will also work."
-#: ../../cli.rst:754
+#: ../../cli.rst:757
msgid "Compare configurations"
msgstr "Compare configurations"
@@ -92,11 +92,11 @@ msgstr "Configuration Overview"
msgid "Configuration commands are flattened from the tree into 'one-liner' commands shown in :opcmd:`show configuration commands` from operation mode. Commands are relative to the level where they are executed and all redundant information from the current level is removed from the command entered."
msgstr "Configuration commands are flattened from the tree into 'one-liner' commands shown in :opcmd:`show configuration commands` from operation mode. Commands are relative to the level where they are executed and all redundant information from the current level is removed from the command entered."
-#: ../../cli.rst:535
+#: ../../cli.rst:538
msgid "Configuration mode can not be exited while uncommitted changes exist. To exit configuration mode without applying changes, the :cfgcmd:`exit discard` command must be used."
msgstr "Configuration mode can not be exited while uncommitted changes exist. To exit configuration mode without applying changes, the :cfgcmd:`exit discard` command must be used."
-#: ../../cli.rst:583
+#: ../../cli.rst:586
msgid "Copy a configuration element."
msgstr "Copy a configuration element."
@@ -104,7 +104,7 @@ msgstr "Copy a configuration element."
msgid "Editing the configuration"
msgstr "Editing the configuration"
-#: ../../cli.rst:662
+#: ../../cli.rst:665
msgid "Example:"
msgstr "Example:"
@@ -124,11 +124,11 @@ msgstr "For example typing ``sh`` followed by the ``TAB`` key will complete to `
msgid "Get a collection of all the set commands required which led to the running configuration."
msgstr "Get a collection of all the set commands required which led to the running configuration."
-#: ../../cli.rst:933
+#: ../../cli.rst:936
msgid "If you are remotely connected, you will lose your connection. You may want to copy first the config, edit it to ensure connectivity, and load the edited config."
msgstr "If you are remotely connected, you will lose your connection. You may want to copy first the config, edit it to ensure connectivity, and load the edited config."
-#: ../../cli.rst:919
+#: ../../cli.rst:922
msgid "In the case you want to completely delete your configuration and restore the default one, you can enter the following command in configuration mode:"
msgstr "In the case you want to completely delete your configuration and restore the default one, you can enter the following command in configuration mode:"
@@ -140,15 +140,15 @@ msgstr "It is also possible to display all :cfgcmd:`set` commands within configu
msgid "It is also possible to display all `set` commands within configuration mode using :cfgcmd:`show | commands`"
msgstr "It is also possible to display all `set` commands within configuration mode using :cfgcmd:`show | commands`"
-#: ../../cli.rst:723
+#: ../../cli.rst:726
msgid "Local Archive"
msgstr "Local Archive"
-#: ../../cli.rst:714
+#: ../../cli.rst:717
msgid "Managing configurations"
msgstr "Managing configurations"
-#: ../../cli.rst:627
+#: ../../cli.rst:630
msgid "Note that ``show`` command respects your edit level and from this level you can view the modified firewall ruleset with just ``show`` with no parameters."
msgstr "Note that ``show`` command respects your edit level and from this level you can view the modified firewall ruleset with just ``show`` with no parameters."
@@ -164,31 +164,31 @@ msgstr "Operational mode allows for commands to perform operational system tasks
msgid "Prompt changes from ``$`` to ``#``. To exit configuration mode, type ``exit``."
msgstr "Prompt changes from ``$`` to ``#``. To exit configuration mode, type ``exit``."
-#: ../../cli.rst:850
+#: ../../cli.rst:853
msgid "Remote Archive"
msgstr "Remote Archive"
-#: ../../cli.rst:616
+#: ../../cli.rst:619
msgid "Rename a configuration element."
msgstr "Rename a configuration element."
-#: ../../cli.rst:917
+#: ../../cli.rst:920
msgid "Restore Default"
msgstr "Restore Default"
-#: ../../cli.rst:725
+#: ../../cli.rst:728
msgid "Revisions are stored on disk. You can view, compare and rollback them to any previous revisions if something goes wrong."
msgstr "Revisions are stored on disk. You can view, compare and rollback them to any previous revisions if something goes wrong."
-#: ../../cli.rst:828
+#: ../../cli.rst:831
msgid "Rollback Changes"
msgstr "Rollback Changes"
-#: ../../cli.rst:835
+#: ../../cli.rst:838
msgid "Rollback to revision N (currently requires reboot)"
msgstr "Rollback to revision N (currently requires reboot)"
-#: ../../cli.rst:884
+#: ../../cli.rst:887
msgid "Saving and loading manually"
msgstr "Saving and loading manually"
@@ -200,11 +200,11 @@ msgstr "See the configuration section of this document for more information on c
msgid "Seeing and navigating the configuration"
msgstr "Seeing and navigating the configuration"
-#: ../../cli.rst:810
+#: ../../cli.rst:813
msgid "Show commit revision difference."
msgstr "Show commit revision difference."
-#: ../../cli.rst:861
+#: ../../cli.rst:864
msgid "Specify remote location of commit archive as any of the below :abbr:`URI (Uniform Resource Identifier)`"
msgstr "Specify remote location of commit archive as any of the below :abbr:`URI (Uniform Resource Identifier)`"
@@ -228,15 +228,15 @@ msgstr "The :cfgcmd:`show` command within configuration mode will show the worki
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes."
msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes."
-#: ../../cli.rst:653
+#: ../../cli.rst:656
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
-#: ../../cli.rst:784
+#: ../../cli.rst:787
msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M."
msgstr "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M."
-#: ../../cli.rst:813
+#: ../../cli.rst:816
msgid "The command above also lets you see the difference between two commits. By default the difference with the running config is shown."
msgstr "The command above also lets you see the difference between two commits. By default the difference with the running config is shown."
@@ -252,11 +252,11 @@ msgstr "The configuration can be edited by the use of :cfgcmd:`set` and :cfgcmd:
msgid "The current hierarchy level can be changed by the :cfgcmd:`edit` command."
msgstr "The current hierarchy level can be changed by the :cfgcmd:`edit` command."
-#: ../../cli.rst:872
+#: ../../cli.rst:875
msgid "The number of revisions don't affect the commit-archive."
msgstr "The number of revisions don't affect the commit-archive."
-#: ../../cli.rst:930
+#: ../../cli.rst:933
msgid "Then you may want to :cfgcmd:`save` in order to delete the saved configuration too."
msgstr "Then you may want to :cfgcmd:`save` in order to delete the saved configuration too."
@@ -268,7 +268,7 @@ msgstr "These commands are also relative to the level you are inside and only re
msgid "These two commands above are essentially the same, just executed from different levels in the hierarchy."
msgstr "These two commands above are essentially the same, just executed from different levels in the hierarchy."
-#: ../../cli.rst:824
+#: ../../cli.rst:827
msgid "This means four commits ago we did ``set system ipv6 disable-forwarding``."
msgstr "This means four commits ago we did ``set system ipv6 disable-forwarding``."
@@ -280,7 +280,7 @@ msgstr "To delete a configuration entry use the :cfgcmd:`delete` command, this a
msgid "To enter configuration mode use the ``configure`` command:"
msgstr "To enter configuration mode use the ``configure`` command:"
-#: ../../cli.rst:658
+#: ../../cli.rst:661
msgid "To remove an existing comment from your current configuration, specify an empty string enclosed in double quote marks (``\"\"``) as the comment text."
msgstr "To remove an existing comment from your current configuration, specify an empty string enclosed in double quote marks (``\"\"``) as the comment text."
@@ -288,11 +288,11 @@ msgstr "To remove an existing comment from your current configuration, specify a
msgid "Use the ``show configuration commands | strip-private`` command when you want to hide private data. You may want to do so if you want to share your configuration on the `forum`_."
msgstr "Use the ``show configuration commands | strip-private`` command when you want to hide private data. You may want to do so if you want to share your configuration on the `forum`_."
-#: ../../cli.rst:895
+#: ../../cli.rst:898
msgid "Use this command to load a configuration which will replace the running configuration. Define the location of the configuration file to be loaded. You can use a path to a local file, an SCP address, an SFTP address, an FTP address, an HTTP address, an HTTPS address or a TFTP address."
msgstr "Use this command to load a configuration which will replace the running configuration. Define the location of the configuration file to be loaded. You can use a path to a local file, an SCP address, an SFTP address, an FTP address, an HTTP address, an HTTPS address or a TFTP address."
-#: ../../cli.rst:508
+#: ../../cli.rst:511
msgid "Use this command to preserve configuration changes upon reboot. By default it is stored at */config/config.boot*. In the case you want to store the configuration file somewhere else, you can add a local path, a SCP address, a FTP address or a TFTP address."
msgstr "Use this command to preserve configuration changes upon reboot. By default it is stored at */config/config.boot*. In the case you want to store the configuration file somewhere else, you can add a local path, a SCP address, a FTP address or a TFTP address."
@@ -300,15 +300,15 @@ msgstr "Use this command to preserve configuration changes upon reboot. By defau
msgid "Use this command to set the value of a parameter or to create a new element."
msgstr "Use this command to set the value of a parameter or to create a new element."
-#: ../../cli.rst:760
+#: ../../cli.rst:763
msgid "Use this command to spot what the differences are between different configurations."
msgstr "Use this command to spot what the differences are between different configurations."
-#: ../../cli.rst:552
+#: ../../cli.rst:555
msgid "Use this command to temporarily commit your changes and set the number of minutes available for validation. ``confirm`` must be entered within those minutes, otherwise the system will reboot into the previous configuration. The default value is 10 minutes."
msgstr "Use this command to temporarily commit your changes and set the number of minutes available for validation. ``confirm`` must be entered within those minutes, otherwise the system will reboot into the previous configuration. The default value is 10 minutes."
-#: ../../cli.rst:730
+#: ../../cli.rst:733
msgid "View all existing revisions on the local system."
msgstr "View all existing revisions on the local system."
@@ -324,7 +324,7 @@ msgstr "View the current active configuration in JSON format."
msgid "View the current active configuration in readable JSON format."
msgstr "View the current active configuration in readable JSON format."
-#: ../../cli.rst:852
+#: ../../cli.rst:855
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
@@ -332,11 +332,11 @@ msgstr "VyOS can upload the configuration to a remote location after each call t
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
-#: ../../cli.rst:716
+#: ../../cli.rst:719
msgid "VyOS comes with an integrated versioning system for the system configuration. It automatically maintains a backup of every previous configuration which has been committed to the system. The configurations are versioned locally for rollback but they can also be stored on a remote host for archiving/backup reasons."
msgstr "VyOS comes with an integrated versioning system for the system configuration. It automatically maintains a backup of every previous configuration which has been committed to the system. The configurations are versioned locally for rollback but they can also be stored on a remote host for archiving/backup reasons."
-#: ../../cli.rst:756
+#: ../../cli.rst:759
msgid "VyOS lets you compare different configurations."
msgstr "VyOS lets you compare different configurations."
@@ -348,7 +348,7 @@ msgstr "VyOS makes use of a unified configuration file for the entire system's c
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
-#: ../../cli.rst:558
+#: ../../cli.rst:561
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
@@ -360,7 +360,7 @@ msgstr "When entering the configuration mode you are navigating inside a tree st
msgid "When going into configuration mode, prompt changes from ``$`` to ``#``."
msgstr "When going into configuration mode, prompt changes from ``$`` to ``#``."
-#: ../../cli.rst:692
+#: ../../cli.rst:695
msgid "When inside configuration mode you are not directly able to execute operational commands."
msgstr "When inside configuration mode you are not directly able to execute operational commands."
@@ -368,7 +368,7 @@ msgstr "When inside configuration mode you are not directly able to execute oper
msgid "When the output of a command results in more lines than can be displayed on the terminal screen the output is paginated as indicated by a ``:`` prompt."
msgstr "When the output of a command results in more lines than can be displayed on the terminal screen the output is paginated as indicated by a ``:`` prompt."
-#: ../../cli.rst:889
+#: ../../cli.rst:892
msgid "When using the save_ command, you can add a specific location where to store your configuration file. And, when needed it, you will be able to load it with the ``load`` command:"
msgstr "When using the save_ command, you can add a specific location where to store your configuration file. And, when needed it, you will be able to load it with the ``load`` command:"
@@ -384,15 +384,15 @@ msgstr "You are now in a sublevel relative to ``interfaces ethernet eth0``, all
msgid "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
msgstr "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
-#: ../../cli.rst:618
+#: ../../cli.rst:621
msgid "You can also rename config subtrees:"
msgstr "You can also rename config subtrees:"
-#: ../../cli.rst:585
+#: ../../cli.rst:588
msgid "You can copy and remove configuration subtrees. Suppose you set up a firewall ruleset ``FromWorld`` with one rule that allows traffic from specific subnet. Now you want to setup a similar rule, but for different subnet. Change your edit level to ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then modify rule 20."
msgstr "You can copy and remove configuration subtrees. Suppose you set up a firewall ruleset ``FromWorld`` with one rule that allows traffic from specific subnet. Now you want to setup a similar rule, but for different subnet. Change your edit level to ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then modify rule 20."
-#: ../../cli.rst:830
+#: ../../cli.rst:833
msgid "You can rollback configuration changes using the rollback command. This will apply the selected revision and trigger a system reboot."
msgstr "You can rollback configuration changes using the rollback command. This will apply the selected revision and trigger a system reboot."
@@ -400,19 +400,23 @@ msgstr "You can rollback configuration changes using the rollback command. This
msgid "You can scroll up with the keys ``[Shift]+[PageUp]`` and scroll down with ``[Shift]+[PageDown]``."
msgstr "You can scroll up with the keys ``[Shift]+[PageUp]`` and scroll down with ``[Shift]+[PageDown]``."
-#: ../../cli.rst:747
+#: ../../cli.rst:504
+msgid "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+msgstr "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+
+#: ../../cli.rst:750
msgid "You can specify the number of revisions stored on disk. N can be in the range of 0 - 65535. When the number of revisions exceeds the configured value, the oldest revision is removed. The default setting for this value is to store 100 revisions locally."
msgstr "You can specify the number of revisions stored on disk. N can be in the range of 0 - 65535. When the number of revisions exceeds the configured value, the oldest revision is removed. The default setting for this value is to store 100 revisions locally."
-#: ../../cli.rst:886
+#: ../../cli.rst:889
msgid "You can use the ``save`` and ``load`` commands if you want to manually manage specific configuration files."
msgstr "You can use the ``save`` and ``load`` commands if you want to manually manage specific configuration files."
-#: ../../cli.rst:874
+#: ../../cli.rst:877
msgid "You may find VyOS not allowing the secure connection because it cannot verify the legitimacy of the remote server. You can use the workaround below to quickly add the remote host's SSH fingerprint to your ``~/.ssh/known_hosts`` file:"
msgstr "You may find VyOS not allowing the secure connection because it cannot verify the legitimacy of the remote server. You can use the workaround below to quickly add the remote host's SSH fingerprint to your ``~/.ssh/known_hosts`` file:"
-#: ../../cli.rst:927
+#: ../../cli.rst:930
msgid "You will be asked if you want to continue. If you accept, you will have to use :cfgcmd:`commit` if you want to make the changes active."
msgstr "You will be asked if you want to continue. If you accept, you will have to use :cfgcmd:`commit` if you want to make the changes active."
@@ -420,19 +424,19 @@ msgstr "You will be asked if you want to continue. If you accept, you will have
msgid "``b`` will scroll back one page"
msgstr "``b`` will scroll back one page"
-#: ../../cli.rst:866
+#: ../../cli.rst:869
msgid "``ftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``ftp://<user>:<passwd>@<host>/<dir>``"
-#: ../../cli.rst:870
+#: ../../cli.rst:873
msgid "``git+https://<user>:<passwd>@<host>/<path>``"
msgstr "``git+https://<user>:<passwd>@<host>/<path>``"
-#: ../../cli.rst:864
+#: ../../cli.rst:867
msgid "``http://<user>:<passwd>@<host>:/<dir>``"
msgstr "``http://<user>:<passwd>@<host>:/<dir>``"
-#: ../../cli.rst:865
+#: ../../cli.rst:868
msgid "``https://<user>:<passwd>@<host>:/<dir>``"
msgstr "``https://<user>:<passwd>@<host>:/<dir>``"
@@ -448,11 +452,11 @@ msgstr "``q`` key can be used to cancel output"
msgid "``return`` will scroll down one line"
msgstr "``return`` will scroll down one line"
-#: ../../cli.rst:868
+#: ../../cli.rst:871
msgid "``scp://<user>:<passwd>@<host>:/<dir>``"
msgstr "``scp://<user>:<passwd>@<host>:/<dir>``"
-#: ../../cli.rst:867
+#: ../../cli.rst:870
msgid "``sftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``sftp://<user>:<passwd>@<host>/<dir>``"
@@ -460,7 +464,7 @@ msgstr "``sftp://<user>:<passwd>@<host>/<dir>``"
msgid "``space`` will scroll down one page"
msgstr "``space`` will scroll down one page"
-#: ../../cli.rst:869
+#: ../../cli.rst:872
msgid "``tftp://<host>/<dir>``"
msgstr "``tftp://<host>/<dir>``"
diff --git a/docs/_locale/de/configuration.pot b/docs/_locale/de/configuration.pot
index d7052f25..f0ae9a1d 100644
--- a/docs/_locale/de/configuration.pot
+++ b/docs/_locale/de/configuration.pot
@@ -4078,6 +4078,10 @@ msgstr "Create `<user>` for local authentication on this system. The users passw
msgid "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
msgstr "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
+#: ../../configuration/pki/index.rst:373
+msgid "Create a CA chain and leaf certificates"
+msgstr "Create a CA chain and leaf certificates"
+
#: ../../configuration/interfaces/bridge.rst:199
msgid "Create a basic bridge"
msgstr "Create a basic bridge"
@@ -5839,6 +5843,7 @@ msgstr "Example synproxy"
#: ../../configuration/interfaces/macsec.rst:153
#: ../../configuration/interfaces/wireless.rst:541
#: ../../configuration/loadbalancing/reverse-proxy.rst:227
+#: ../../configuration/pki/index.rst:370
#: ../../configuration/policy/index.rst:46
#: ../../configuration/protocols/bgp.rst:1118
#: ../../configuration/protocols/isis.rst:336
@@ -6127,6 +6132,10 @@ msgstr "First, on both routers run the operational command \"generate pki key-pa
msgid "First, one of the systems generate the key using the :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki>` command. Once generated, you will need to install this key on the local system, then copy and install this key to the remote router."
msgstr "First, one of the systems generate the key using the :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki>` command. Once generated, you will need to install this key on the local system, then copy and install this key to the remote router."
+#: ../../configuration/pki/index.rst:393
+msgid "First, we create the root certificate authority."
+msgstr "First, we create the root certificate authority."
+
#: ../../configuration/interfaces/openvpn.rst:176
msgid "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
msgstr "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
@@ -8569,6 +8578,10 @@ msgstr "LNS are often used to connect to a LAC (L2TP Access Concentrator)."
msgid "Label Distribution Protocol"
msgstr "Label Distribution Protocol"
+#: ../../configuration/pki/index.rst:447
+msgid "Lastly, we can create the leaf certificates that devices and users will utilise."
+msgstr "Lastly, we can create the leaf certificates that devices and users will utilise."
+
#: ../../configuration/interfaces/l2tpv3.rst:11
msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements."
msgstr "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements."
@@ -9428,6 +9441,10 @@ msgid "Multiple VLAN to VNI mappings can be configured against the same SVD. Thi
msgstr "Multiple VLAN to VNI mappings can be configured against the same SVD. This allows for a significant scaling of the number of VNIs since a separate VXLAN interface is no longer required for each VNI."
#: ../../configuration/system/host-name.rst:68
+msgid "Multiple aliases can be specified per host-name."
+msgstr "Multiple aliases can be specified per host-name."
+
+#: ../../configuration/system/host-name.rst:68
msgid "Multiple aliases can pe specified per host-name."
msgstr "Multiple aliases can pe specified per host-name."
@@ -11743,6 +11760,10 @@ msgstr "Scripting"
msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
+#: ../../configuration/pki/index.rst:411
+msgid "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+msgstr "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+
#: ../../configuration/service/ipoe-server.rst:186
#: ../../configuration/service/pppoe-server.rst:148
#: ../../configuration/vpn/l2tp.rst:191
@@ -16302,6 +16323,10 @@ msgstr "This configuration enables HTTP health checks on backend servers."
msgid "This configuration enables the TCP reverse proxy for the \"my-tcp-api\" service. Incoming TCP connections on port 8888 will be load balanced across the backend servers (srv01 and srv02) using the round-robin load-balancing algorithm."
msgstr "This configuration enables the TCP reverse proxy for the \"my-tcp-api\" service. Incoming TCP connections on port 8888 will be load balanced across the backend servers (srv01 and srv02) using the round-robin load-balancing algorithm."
+#: ../../configuration/pki/index.rst:375
+msgid "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+msgstr "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+
#: ../../configuration/loadbalancing/reverse-proxy.rst:214
msgid "This configuration listen on port 80 and redirect incoming requests to HTTPS:"
msgstr "This configuration listen on port 80 and redirect incoming requests to HTTPS:"
@@ -21057,6 +21082,22 @@ msgstr "``vnc`` - Virtual Network Control (VNC)"
msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:"
msgstr "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:"
+#: ../../configuration/pki/index.rst:386
+msgid "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+msgstr "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+
+#: ../../configuration/pki/index.rst:383
+msgid "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+msgstr "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+
+#: ../../configuration/pki/index.rst:389
+msgid "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+msgstr "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+
+#: ../../configuration/pki/index.rst:381
+msgid "``vyos_root_ca`` is the root certificate authority."
+msgstr "``vyos_root_ca`` is the root certificate authority."
+
#: ../../configuration/vpn/site2site_ipsec.rst:59
msgid "``x509`` - options for x509 authentication mode:"
msgstr "``x509`` - options for x509 authentication mode:"
diff --git a/docs/_locale/en/LC_MESSAGES/cli.mo b/docs/_locale/en/LC_MESSAGES/cli.mo
index 907726f2..4a9800a8 100644
--- a/docs/_locale/en/LC_MESSAGES/cli.mo
+++ b/docs/_locale/en/LC_MESSAGES/cli.mo
Binary files differ
diff --git a/docs/_locale/en/LC_MESSAGES/configuration.mo b/docs/_locale/en/LC_MESSAGES/configuration.mo
index e16c994d..690b62d0 100644
--- a/docs/_locale/en/LC_MESSAGES/configuration.mo
+++ b/docs/_locale/en/LC_MESSAGES/configuration.mo
Binary files differ
diff --git a/docs/_locale/es/LC_MESSAGES/cli.mo b/docs/_locale/es/LC_MESSAGES/cli.mo
index 6f9a866d..c650bc45 100644
--- a/docs/_locale/es/LC_MESSAGES/cli.mo
+++ b/docs/_locale/es/LC_MESSAGES/cli.mo
Binary files differ
diff --git a/docs/_locale/es/LC_MESSAGES/configuration.mo b/docs/_locale/es/LC_MESSAGES/configuration.mo
index 54b1a94a..fd5da1d5 100644
--- a/docs/_locale/es/LC_MESSAGES/configuration.mo
+++ b/docs/_locale/es/LC_MESSAGES/configuration.mo
Binary files differ
diff --git a/docs/_locale/es/cli.pot b/docs/_locale/es/cli.pot
index 57494692..1c4c9191 100644
--- a/docs/_locale/es/cli.pot
+++ b/docs/_locale/es/cli.pot
@@ -28,23 +28,23 @@ msgstr "**Configuración de trabajo** es la que se está modificando actualmente
msgid "A VyOS system has three major types of configurations:"
msgstr "Un sistema VyOS tiene tres tipos principales de configuraciones:"
-#: ../../cli.rst:576
+#: ../../cli.rst:579
msgid "A reboot because you did not enter ``confirm`` will not take you necessarily to the *saved configuration*, but to the point before the unfortunate commit."
msgstr "Un reinicio porque no ingresaste ``confirm`` no te llevará necesariamente a la *configuración guardada*, sino al punto anterior a la desafortunada confirmación."
-#: ../../cli.rst:690
+#: ../../cli.rst:693
msgid "Access opmode from config mode"
msgstr "Acceder al modo de operación desde el modo de configuración"
-#: ../../cli.rst:697
+#: ../../cli.rst:700
msgid "Access to these commands are possible through the use of the ``run [command]`` command. From this command you will have access to everything accessible from operational mode."
msgstr "El acceso a estos comandos es posible mediante el uso del comando ``ejecutar [comando]``. Desde este mando tendrás acceso a todo lo accesible desde el modo operativo."
-#: ../../cli.rst:651
+#: ../../cli.rst:654
msgid "Add comment as an annotation to a configuration node."
msgstr "Agregue un comentario como una anotación a un nodo de configuración."
-#: ../../cli.rst:539
+#: ../../cli.rst:542
msgid "All changes in the working config will thus be lost."
msgstr "Todos los cambios en la configuración de trabajo se perderán."
@@ -52,7 +52,7 @@ msgstr "Todos los cambios en la configuración de trabajo se perderán."
msgid "All commands executed here are relative to the configuration level you have entered. You can do everything from the top level, but commands will be quite lengthy when manually typing them."
msgstr "Todos los comandos ejecutados aquí son relativos al nivel de configuración que ha ingresado. Puede hacer todo desde el nivel superior, pero los comandos serán bastante largos al escribirlos manualmente."
-#: ../../cli.rst:676
+#: ../../cli.rst:679
msgid "An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the `show firewall` command would return starting after the ``firewall {`` line, hiding the comment."
msgstr "Una cosa importante a tener en cuenta es que dado que el comentario se agrega en la parte superior de la sección, no aparecerá si el `` mostrar<section> Se utiliza el comando ``. Con el ejemplo anterior, el comando `show firewall` volvería comenzando después de la línea ``firewall {``, ocultando el comentario."
@@ -72,11 +72,11 @@ msgstr "De forma predeterminada, la configuración se muestra en una jerarquía
msgid "Command Line Interface"
msgstr "Interfaz de línea de comandos"
-#: ../../cli.rst:701
+#: ../../cli.rst:704
msgid "Command completion and syntax help with ``?`` and ``[tab]`` will also work."
msgstr "La finalización de comandos y la ayuda de sintaxis con ``?`` y ``[tab]`` también funcionarán."
-#: ../../cli.rst:754
+#: ../../cli.rst:757
msgid "Compare configurations"
msgstr "Comparar configuraciones"
@@ -92,11 +92,11 @@ msgstr "Descripción general de la configuración"
msgid "Configuration commands are flattened from the tree into 'one-liner' commands shown in :opcmd:`show configuration commands` from operation mode. Commands are relative to the level where they are executed and all redundant information from the current level is removed from the command entered."
msgstr "Los comandos de configuración se aplanan del árbol en comandos de &#39;una sola línea&#39; que se muestran en :opcmd:`mostrar comandos de configuración` desde el modo de operación. Los comandos son relativos al nivel en el que se ejecutan y toda la información redundante del nivel actual se elimina del comando ingresado."
-#: ../../cli.rst:535
+#: ../../cli.rst:538
msgid "Configuration mode can not be exited while uncommitted changes exist. To exit configuration mode without applying changes, the :cfgcmd:`exit discard` command must be used."
msgstr "No se puede salir del modo de configuración mientras existan cambios no confirmados. Para salir del modo de configuración sin aplicar los cambios, se debe utilizar el comando :cfgcmd:`exit descartar`."
-#: ../../cli.rst:583
+#: ../../cli.rst:586
msgid "Copy a configuration element."
msgstr "Copie un elemento de configuración."
@@ -104,7 +104,7 @@ msgstr "Copie un elemento de configuración."
msgid "Editing the configuration"
msgstr "Editando la configuración"
-#: ../../cli.rst:662
+#: ../../cli.rst:665
msgid "Example:"
msgstr "Ejemplo:"
@@ -124,11 +124,11 @@ msgstr "Por ejemplo, al escribir ``sh`` seguido de la tecla ``TAB`` se completar
msgid "Get a collection of all the set commands required which led to the running configuration."
msgstr "Obtenga una colección de todos los comandos establecidos necesarios que condujeron a la configuración en ejecución."
-#: ../../cli.rst:933
+#: ../../cli.rst:936
msgid "If you are remotely connected, you will lose your connection. You may want to copy first the config, edit it to ensure connectivity, and load the edited config."
msgstr "Si está conectado de forma remota, perderá su conexión. Es posible que desee copiar primero la configuración, editarla para garantizar la conectividad y cargar la configuración editada."
-#: ../../cli.rst:919
+#: ../../cli.rst:922
msgid "In the case you want to completely delete your configuration and restore the default one, you can enter the following command in configuration mode:"
msgstr "En el caso de que desee eliminar completamente su configuración y restaurar la predeterminada, puede ingresar el siguiente comando en el modo de configuración:"
@@ -140,15 +140,15 @@ msgstr "It is also possible to display all :cfgcmd:`set` commands within configu
msgid "It is also possible to display all `set` commands within configuration mode using :cfgcmd:`show | commands`"
msgstr "También es posible mostrar todos los comandos `set` dentro del modo de configuración usando :cfgcmd:`show | comandos`"
-#: ../../cli.rst:723
+#: ../../cli.rst:726
msgid "Local Archive"
msgstr "Archivo local"
-#: ../../cli.rst:714
+#: ../../cli.rst:717
msgid "Managing configurations"
msgstr "Administrar configuraciones"
-#: ../../cli.rst:627
+#: ../../cli.rst:630
msgid "Note that ``show`` command respects your edit level and from this level you can view the modified firewall ruleset with just ``show`` with no parameters."
msgstr "Tenga en cuenta que el comando ``mostrar`` respeta su nivel de edición y desde este nivel puede ver el conjunto de reglas de firewall modificado con solo ``mostrar`` sin parámetros."
@@ -164,31 +164,31 @@ msgstr "El modo operativo permite que los comandos realicen tareas operativas de
msgid "Prompt changes from ``$`` to ``#``. To exit configuration mode, type ``exit``."
msgstr "Cambios rápidos de ``$`` a ``#``. Para salir del modo de configuración, escriba ``exit``."
-#: ../../cli.rst:850
+#: ../../cli.rst:853
msgid "Remote Archive"
msgstr "Archivo remoto"
-#: ../../cli.rst:616
+#: ../../cli.rst:619
msgid "Rename a configuration element."
msgstr "Cambiar el nombre de un elemento de configuración."
-#: ../../cli.rst:917
+#: ../../cli.rst:920
msgid "Restore Default"
msgstr "Restaurar predeterminado"
-#: ../../cli.rst:725
+#: ../../cli.rst:728
msgid "Revisions are stored on disk. You can view, compare and rollback them to any previous revisions if something goes wrong."
msgstr "Las revisiones se almacenan en el disco. Puede verlos, compararlos y revertirlos a cualquier revisión anterior si algo sale mal."
-#: ../../cli.rst:828
+#: ../../cli.rst:831
msgid "Rollback Changes"
msgstr "Cambios de reversión"
-#: ../../cli.rst:835
+#: ../../cli.rst:838
msgid "Rollback to revision N (currently requires reboot)"
msgstr "Retroceder a la revisión N (actualmente requiere reiniciar)"
-#: ../../cli.rst:884
+#: ../../cli.rst:887
msgid "Saving and loading manually"
msgstr "Guardar y cargar manualmente"
@@ -200,11 +200,11 @@ msgstr "Consulte la sección de configuración de este documento para obtener m
msgid "Seeing and navigating the configuration"
msgstr "Ver y navegar por la configuración"
-#: ../../cli.rst:810
+#: ../../cli.rst:813
msgid "Show commit revision difference."
msgstr "Mostrar diferencia de revisión de confirmación."
-#: ../../cli.rst:861
+#: ../../cli.rst:864
msgid "Specify remote location of commit archive as any of the below :abbr:`URI (Uniform Resource Identifier)`"
msgstr "Especifique la ubicación remota del archivo de confirmación como cualquiera de los siguientes :abbr:`URI (Identificador uniforme de recursos)`"
@@ -228,15 +228,15 @@ msgstr "El comando :cfgcmd:`show` dentro del modo de configuración mostrará la
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes."
msgstr "El comando ``comentario`` le permite insertar un comentario encima del ``<config node> `` sección de configuración. Cuando se muestran, los comentarios se encierran con ``/*`` y ``*/`` como delimitadores de apertura/cierre. Los comentarios deben confirmarse, al igual que otros cambios de configuración."
-#: ../../cli.rst:653
+#: ../../cli.rst:656
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
-#: ../../cli.rst:784
+#: ../../cli.rst:787
msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M."
msgstr "El comando :cfgcmd:`compare` le permite comparar diferentes tipos de configuraciones. También le permite comparar diferentes revisiones a través del comando :cfgcmd:`compare NM`, donde N y M son números de revisión. La salida describirá cómo es la configuración N en comparación con M indicando con un signo más (``+``) las partes adicionales que tiene N en comparación con M, e indicando con un signo menos (``-``) las que faltan. las partes N fallan en comparación con M."
-#: ../../cli.rst:813
+#: ../../cli.rst:816
msgid "The command above also lets you see the difference between two commits. By default the difference with the running config is shown."
msgstr "El comando anterior también te permite ver la diferencia entre dos confirmaciones. De forma predeterminada, se muestra la diferencia con la configuración en ejecución."
@@ -252,11 +252,11 @@ msgstr "La configuración se puede editar mediante el uso de los comandos :cfgcm
msgid "The current hierarchy level can be changed by the :cfgcmd:`edit` command."
msgstr "El nivel de jerarquía actual se puede cambiar con el comando :cfgcmd:`edit`."
-#: ../../cli.rst:872
+#: ../../cli.rst:875
msgid "The number of revisions don't affect the commit-archive."
msgstr "El número de revisiones no afecta el archivo de confirmación."
-#: ../../cli.rst:930
+#: ../../cli.rst:933
msgid "Then you may want to :cfgcmd:`save` in order to delete the saved configuration too."
msgstr "Entonces es posible que desee :cfgcmd:`save` para eliminar también la configuración guardada."
@@ -268,7 +268,7 @@ msgstr "Estos comandos también son relativos al nivel en el que se encuentra y
msgid "These two commands above are essentially the same, just executed from different levels in the hierarchy."
msgstr "Estos dos comandos anteriores son esencialmente los mismos, solo que se ejecutan desde diferentes niveles en la jerarquía."
-#: ../../cli.rst:824
+#: ../../cli.rst:827
msgid "This means four commits ago we did ``set system ipv6 disable-forwarding``."
msgstr "Esto significa que hace cuatro confirmaciones hicimos ``set system ipv6 disabled-forwarding``."
@@ -280,7 +280,7 @@ msgstr "Para eliminar una entrada de configuración, use el comando :cfgcmd:`del
msgid "To enter configuration mode use the ``configure`` command:"
msgstr "Para ingresar al modo de configuración use el comando ``configure``:"
-#: ../../cli.rst:658
+#: ../../cli.rst:661
msgid "To remove an existing comment from your current configuration, specify an empty string enclosed in double quote marks (``\"\"``) as the comment text."
msgstr "Para eliminar un comentario existente de su configuración actual, especifique una cadena vacía entre comillas dobles (``&quot;&quot;``) como texto del comentario."
@@ -288,11 +288,11 @@ msgstr "Para eliminar un comentario existente de su configuración actual, espec
msgid "Use the ``show configuration commands | strip-private`` command when you want to hide private data. You may want to do so if you want to share your configuration on the `forum`_."
msgstr "Use los comandos ``mostrar configuración | comando strip-private`` cuando desee ocultar datos privados. Es posible que desee hacerlo si desea compartir su configuración en el `foro`_."
-#: ../../cli.rst:895
+#: ../../cli.rst:898
msgid "Use this command to load a configuration which will replace the running configuration. Define the location of the configuration file to be loaded. You can use a path to a local file, an SCP address, an SFTP address, an FTP address, an HTTP address, an HTTPS address or a TFTP address."
msgstr "Utilice este comando para cargar una configuración que reemplazará la configuración en ejecución. Defina la ubicación del archivo de configuración que se va a cargar. Puede utilizar una ruta a un archivo local, una dirección SCP, una dirección SFTP, una dirección FTP, una dirección HTTP, una dirección HTTPS o una dirección TFTP."
-#: ../../cli.rst:508
+#: ../../cli.rst:511
msgid "Use this command to preserve configuration changes upon reboot. By default it is stored at */config/config.boot*. In the case you want to store the configuration file somewhere else, you can add a local path, a SCP address, a FTP address or a TFTP address."
msgstr "Utilice este comando para conservar los cambios de configuración al reiniciar. De forma predeterminada, se almacena en */config/config.boot*. En caso de que desee almacenar el archivo de configuración en otro lugar, puede agregar una ruta local, una dirección SCP, una dirección FTP o una dirección TFTP."
@@ -300,15 +300,15 @@ msgstr "Utilice este comando para conservar los cambios de configuración al rei
msgid "Use this command to set the value of a parameter or to create a new element."
msgstr "Utilice este comando para establecer el valor de un parámetro o para crear un nuevo elemento."
-#: ../../cli.rst:760
+#: ../../cli.rst:763
msgid "Use this command to spot what the differences are between different configurations."
msgstr "Use este comando para detectar cuáles son las diferencias entre las diferentes configuraciones."
-#: ../../cli.rst:552
+#: ../../cli.rst:555
msgid "Use this command to temporarily commit your changes and set the number of minutes available for validation. ``confirm`` must be entered within those minutes, otherwise the system will reboot into the previous configuration. The default value is 10 minutes."
msgstr "Utilice este comando para confirmar temporalmente sus cambios y establecer la cantidad de minutos disponibles para la validación. Se debe ingresar ``confirmar`` dentro de esos minutos, de lo contrario, el sistema se reiniciará con la configuración anterior. El valor predeterminado es 10 minutos."
-#: ../../cli.rst:730
+#: ../../cli.rst:733
msgid "View all existing revisions on the local system."
msgstr "Ver todas las revisiones existentes en el sistema local."
@@ -324,7 +324,7 @@ msgstr "Ver la configuración activa actual en formato JSON."
msgid "View the current active configuration in readable JSON format."
msgstr "Vea la configuración activa actual en formato JSON legible."
-#: ../../cli.rst:852
+#: ../../cli.rst:855
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
@@ -332,11 +332,11 @@ msgstr "VyOS can upload the configuration to a remote location after each call t
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS puede cargar la configuración en una ubicación remota después de cada llamada a :cfgcmd:`commit`. Deberá establecer la ubicación del archivo de confirmación. Se admiten servidores TFTP, FTP, SCP y SFTP. Cada vez que un :cfgcmd:`commit` tiene éxito, el archivo ``config.boot`` se copiará en los destinos definidos. El nombre de archivo utilizado en el host remoto será ``config.boot-hostname.YYYYMMDD_HHMMSS``."
-#: ../../cli.rst:716
+#: ../../cli.rst:719
msgid "VyOS comes with an integrated versioning system for the system configuration. It automatically maintains a backup of every previous configuration which has been committed to the system. The configurations are versioned locally for rollback but they can also be stored on a remote host for archiving/backup reasons."
msgstr "VyOS viene con un sistema de control de versiones integrado para la configuración del sistema. Mantiene automáticamente una copia de seguridad de todas las configuraciones anteriores que se han comprometido en el sistema. Las configuraciones se versionan localmente para revertirlas, pero también se pueden almacenar en un host remoto por razones de archivado/copia de seguridad."
-#: ../../cli.rst:756
+#: ../../cli.rst:759
msgid "VyOS lets you compare different configurations."
msgstr "VyOS le permite comparar diferentes configuraciones."
@@ -348,7 +348,7 @@ msgstr "VyOS utiliza un archivo de configuración unificado para la configuraci
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "¿Qué pasa si estás haciendo algo peligroso? Suponga que desea configurar un firewall y no está seguro de que no haya errores que lo bloqueen del sistema. Puede usar la confirmación confirmada. Si ejecuta el comando ``commit-confirm``, sus cambios se confirmarán, y si no ejecuta el comando ``confirm`` en 10 minutos, su sistema se reiniciará con la revisión de configuración anterior."
-#: ../../cli.rst:558
+#: ../../cli.rst:561
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
@@ -360,7 +360,7 @@ msgstr "Al ingresar al modo de configuración, está navegando dentro de una est
msgid "When going into configuration mode, prompt changes from ``$`` to ``#``."
msgstr "Al ingresar al modo de configuración, el aviso cambia de ``$`` a ``#``."
-#: ../../cli.rst:692
+#: ../../cli.rst:695
msgid "When inside configuration mode you are not directly able to execute operational commands."
msgstr "Cuando está dentro del modo de configuración, no puede ejecutar directamente los comandos operativos."
@@ -368,7 +368,7 @@ msgstr "Cuando está dentro del modo de configuración, no puede ejecutar direct
msgid "When the output of a command results in more lines than can be displayed on the terminal screen the output is paginated as indicated by a ``:`` prompt."
msgstr "Cuando la salida de un comando da como resultado más líneas de las que se pueden mostrar en la pantalla de la terminal, la salida se pagina como lo indica un indicador ``:``."
-#: ../../cli.rst:889
+#: ../../cli.rst:892
msgid "When using the save_ command, you can add a specific location where to store your configuration file. And, when needed it, you will be able to load it with the ``load`` command:"
msgstr "Al usar el comando save_, puede agregar una ubicación específica donde almacenar su archivo de configuración. Y, cuando lo necesites, podrás cargarlo con el comando ``load``:"
@@ -384,15 +384,15 @@ msgstr "Ahora se encuentra en un subnivel relativo a ``interfaces ethernet eth0`
msgid "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
msgstr "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
-#: ../../cli.rst:618
+#: ../../cli.rst:621
msgid "You can also rename config subtrees:"
msgstr "También puede cambiar el nombre de los subárboles de configuración:"
-#: ../../cli.rst:585
+#: ../../cli.rst:588
msgid "You can copy and remove configuration subtrees. Suppose you set up a firewall ruleset ``FromWorld`` with one rule that allows traffic from specific subnet. Now you want to setup a similar rule, but for different subnet. Change your edit level to ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then modify rule 20."
msgstr "Puede copiar y eliminar subárboles de configuración. Suponga que configura un conjunto de reglas de cortafuegos ``FromWorld`` con una regla que permite el tráfico desde una subred específica. Ahora desea configurar una regla similar, pero para una subred diferente. Cambie su nivel de edición a ``nombre de firewall FromWorld`` y use ``copie la regla 10 a la regla 20``, luego modifique la regla 20."
-#: ../../cli.rst:830
+#: ../../cli.rst:833
msgid "You can rollback configuration changes using the rollback command. This will apply the selected revision and trigger a system reboot."
msgstr "Puede revertir los cambios de configuración mediante el comando de reversión. Esto aplicará la revisión seleccionada y activará un reinicio del sistema."
@@ -400,19 +400,23 @@ msgstr "Puede revertir los cambios de configuración mediante el comando de reve
msgid "You can scroll up with the keys ``[Shift]+[PageUp]`` and scroll down with ``[Shift]+[PageDown]``."
msgstr "Puedes desplazarte hacia arriba con las teclas ``[Shift]+[PageUp]`` y desplazarte hacia abajo con ``[Shift]+[PageDown]``."
-#: ../../cli.rst:747
+#: ../../cli.rst:504
+msgid "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+msgstr "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+
+#: ../../cli.rst:750
msgid "You can specify the number of revisions stored on disk. N can be in the range of 0 - 65535. When the number of revisions exceeds the configured value, the oldest revision is removed. The default setting for this value is to store 100 revisions locally."
msgstr "Puede especificar el número de revisiones almacenadas en el disco. N puede estar en el rango de 0 a 65535. Cuando el número de revisiones supera el valor configurado, se elimina la revisión más antigua. La configuración predeterminada para este valor es almacenar 100 revisiones localmente."
-#: ../../cli.rst:886
+#: ../../cli.rst:889
msgid "You can use the ``save`` and ``load`` commands if you want to manually manage specific configuration files."
msgstr "Puede usar los comandos ``guardar`` y ``cargar`` si desea administrar manualmente archivos de configuración específicos."
-#: ../../cli.rst:874
+#: ../../cli.rst:877
msgid "You may find VyOS not allowing the secure connection because it cannot verify the legitimacy of the remote server. You can use the workaround below to quickly add the remote host's SSH fingerprint to your ``~/.ssh/known_hosts`` file:"
msgstr "Es posible que VyOS no permita la conexión segura porque no puede verificar la legitimidad del servidor remoto. Puede usar la solución a continuación para agregar rápidamente la huella digital SSH del host remoto a su archivo ``~/.ssh/known_hosts``:"
-#: ../../cli.rst:927
+#: ../../cli.rst:930
msgid "You will be asked if you want to continue. If you accept, you will have to use :cfgcmd:`commit` if you want to make the changes active."
msgstr "Se le preguntará si desea continuar. Si acepta, deberá usar :cfgcmd:`commit` si desea activar los cambios."
@@ -420,19 +424,19 @@ msgstr "Se le preguntará si desea continuar. Si acepta, deberá usar :cfgcmd:`c
msgid "``b`` will scroll back one page"
msgstr "``b`` retrocederá una página"
-#: ../../cli.rst:866
+#: ../../cli.rst:869
msgid "``ftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``ftp://<user> :<passwd> @<host> /<dir> ``"
-#: ../../cli.rst:870
+#: ../../cli.rst:873
msgid "``git+https://<user>:<passwd>@<host>/<path>``"
msgstr "``git+https://<user>:<passwd>@<host>/<path>``"
-#: ../../cli.rst:864
+#: ../../cli.rst:867
msgid "``http://<user>:<passwd>@<host>:/<dir>``"
msgstr "``http://<user>:<passwd>@<host>:/<dir>``"
-#: ../../cli.rst:865
+#: ../../cli.rst:868
msgid "``https://<user>:<passwd>@<host>:/<dir>``"
msgstr "``https://<user>:<passwd>@<host>:/<dir>``"
@@ -448,11 +452,11 @@ msgstr "La tecla ``q`` se puede utilizar para cancelar la salida"
msgid "``return`` will scroll down one line"
msgstr "``return`` se desplazará una línea hacia abajo"
-#: ../../cli.rst:868
+#: ../../cli.rst:871
msgid "``scp://<user>:<passwd>@<host>:/<dir>``"
msgstr "``scp://<user> :<passwd> @<host> :/<dir> ``"
-#: ../../cli.rst:867
+#: ../../cli.rst:870
msgid "``sftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``sftp://<user> :<passwd> @<host> /<dir> ``"
@@ -460,7 +464,7 @@ msgstr "``sftp://<user> :<passwd> @<host> /<dir> ``"
msgid "``space`` will scroll down one page"
msgstr "``espacio`` se desplazará hacia abajo una página"
-#: ../../cli.rst:869
+#: ../../cli.rst:872
msgid "``tftp://<host>/<dir>``"
msgstr "``tftp://<host> /<dir> ``"
diff --git a/docs/_locale/es/configuration.pot b/docs/_locale/es/configuration.pot
index f222d78e..b7b3a78a 100644
--- a/docs/_locale/es/configuration.pot
+++ b/docs/_locale/es/configuration.pot
@@ -4078,6 +4078,10 @@ msgstr "Crear `<user> ` para la autenticación local en este sistema. La contras
msgid "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
msgstr "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
+#: ../../configuration/pki/index.rst:373
+msgid "Create a CA chain and leaf certificates"
+msgstr "Create a CA chain and leaf certificates"
+
#: ../../configuration/interfaces/bridge.rst:199
msgid "Create a basic bridge"
msgstr "Crear un puente básico"
@@ -5839,6 +5843,7 @@ msgstr "Example synproxy"
#: ../../configuration/interfaces/macsec.rst:153
#: ../../configuration/interfaces/wireless.rst:541
#: ../../configuration/loadbalancing/reverse-proxy.rst:227
+#: ../../configuration/pki/index.rst:370
#: ../../configuration/policy/index.rst:46
#: ../../configuration/protocols/bgp.rst:1118
#: ../../configuration/protocols/isis.rst:336
@@ -6127,6 +6132,10 @@ msgstr "Primero, en ambos enrutadores ejecute el comando operativo &quot;generar
msgid "First, one of the systems generate the key using the :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki>` command. Once generated, you will need to install this key on the local system, then copy and install this key to the remote router."
msgstr "Primero, uno de los sistemas genera la clave usando :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki> `comando. Una vez generada, deberá instalar esta clave en el sistema local, luego copiar e instalar esta clave en el enrutador remoto."
+#: ../../configuration/pki/index.rst:393
+msgid "First, we create the root certificate authority."
+msgstr "First, we create the root certificate authority."
+
#: ../../configuration/interfaces/openvpn.rst:176
msgid "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
msgstr "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
@@ -8569,6 +8578,10 @@ msgstr "Los LNS se utilizan a menudo para conectarse a un LAC (concentrador de a
msgid "Label Distribution Protocol"
msgstr "Protocolo de distribución de etiquetas"
+#: ../../configuration/pki/index.rst:447
+msgid "Lastly, we can create the leaf certificates that devices and users will utilise."
+msgstr "Lastly, we can create the leaf certificates that devices and users will utilise."
+
#: ../../configuration/interfaces/l2tpv3.rst:11
msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements."
msgstr "Layer 2 Tunneling Protocol Version 3 es un estándar IETF relacionado con L2TP que se puede utilizar como un protocolo alternativo a :ref:`mpls` para la encapsulación del tráfico de comunicaciones multiprotocolo de Capa 2 a través de redes IP. Al igual que L2TP, L2TPv3 proporciona un servicio de pseudocable, pero está escalado para adaptarse a los requisitos del operador."
@@ -9428,6 +9441,10 @@ msgid "Multiple VLAN to VNI mappings can be configured against the same SVD. Thi
msgstr "Multiple VLAN to VNI mappings can be configured against the same SVD. This allows for a significant scaling of the number of VNIs since a separate VXLAN interface is no longer required for each VNI."
#: ../../configuration/system/host-name.rst:68
+msgid "Multiple aliases can be specified per host-name."
+msgstr "Multiple aliases can be specified per host-name."
+
+#: ../../configuration/system/host-name.rst:68
msgid "Multiple aliases can pe specified per host-name."
msgstr "Se pueden especificar varios alias por nombre de host."
@@ -11743,6 +11760,10 @@ msgstr "secuencias de comandos"
msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
+#: ../../configuration/pki/index.rst:411
+msgid "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+msgstr "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+
#: ../../configuration/service/ipoe-server.rst:186
#: ../../configuration/service/pppoe-server.rst:148
#: ../../configuration/vpn/l2tp.rst:191
@@ -16302,6 +16323,10 @@ msgstr "This configuration enables HTTP health checks on backend servers."
msgid "This configuration enables the TCP reverse proxy for the \"my-tcp-api\" service. Incoming TCP connections on port 8888 will be load balanced across the backend servers (srv01 and srv02) using the round-robin load-balancing algorithm."
msgstr "Esta configuración habilita el proxy inverso TCP para el servicio &quot;my-tcp-api&quot;. Las conexiones TCP entrantes en el puerto 8888 se equilibrarán en la carga de los servidores backend (srv01 y srv02) mediante el algoritmo de equilibrio de carga por turnos."
+#: ../../configuration/pki/index.rst:375
+msgid "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+msgstr "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+
#: ../../configuration/loadbalancing/reverse-proxy.rst:214
msgid "This configuration listen on port 80 and redirect incoming requests to HTTPS:"
msgstr "Esta configuración escucha en el puerto 80 y redirige las solicitudes entrantes a HTTPS:"
@@ -21057,6 +21082,22 @@ msgstr "``vnc`` - Control de red virtual (VNC)"
msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:"
msgstr "``vti``: utiliza una interfaz VTI para el cifrado del tráfico. Cualquier tráfico que se envíe a la interfaz VTI se cifrará y se enviará a este par. El uso de VTI hace que la configuración de IPSec sea mucho más flexible y fácil en situaciones complejas, y permite agregar/eliminar dinámicamente redes remotas, accesibles a través de un par, ya que en este modo el enrutador no necesita crear SA/política adicional para cada red remota:"
+#: ../../configuration/pki/index.rst:386
+msgid "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+msgstr "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+
+#: ../../configuration/pki/index.rst:383
+msgid "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+msgstr "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+
+#: ../../configuration/pki/index.rst:389
+msgid "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+msgstr "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+
+#: ../../configuration/pki/index.rst:381
+msgid "``vyos_root_ca`` is the root certificate authority."
+msgstr "``vyos_root_ca`` is the root certificate authority."
+
#: ../../configuration/vpn/site2site_ipsec.rst:59
msgid "``x509`` - options for x509 authentication mode:"
msgstr "``x509`` - opciones para el modo de autenticación x509:"
diff --git a/docs/_locale/ja/LC_MESSAGES/cli.mo b/docs/_locale/ja/LC_MESSAGES/cli.mo
index 13bdb5b1..2f10af5f 100644
--- a/docs/_locale/ja/LC_MESSAGES/cli.mo
+++ b/docs/_locale/ja/LC_MESSAGES/cli.mo
Binary files differ
diff --git a/docs/_locale/ja/LC_MESSAGES/configuration.mo b/docs/_locale/ja/LC_MESSAGES/configuration.mo
index c44576cb..04847737 100644
--- a/docs/_locale/ja/LC_MESSAGES/configuration.mo
+++ b/docs/_locale/ja/LC_MESSAGES/configuration.mo
Binary files differ
diff --git a/docs/_locale/ja/cli.pot b/docs/_locale/ja/cli.pot
index 5c4bfdac..66a82fac 100644
--- a/docs/_locale/ja/cli.pot
+++ b/docs/_locale/ja/cli.pot
@@ -28,23 +28,23 @@ msgstr "**Working configuration** is the one that is currently being modified in
msgid "A VyOS system has three major types of configurations:"
msgstr "A VyOS system has three major types of configurations:"
-#: ../../cli.rst:576
+#: ../../cli.rst:579
msgid "A reboot because you did not enter ``confirm`` will not take you necessarily to the *saved configuration*, but to the point before the unfortunate commit."
msgstr "A reboot because you did not enter ``confirm`` will not take you necessarily to the *saved configuration*, but to the point before the unfortunate commit."
-#: ../../cli.rst:690
+#: ../../cli.rst:693
msgid "Access opmode from config mode"
msgstr "Access opmode from config mode"
-#: ../../cli.rst:697
+#: ../../cli.rst:700
msgid "Access to these commands are possible through the use of the ``run [command]`` command. From this command you will have access to everything accessible from operational mode."
msgstr "Access to these commands are possible through the use of the ``run [command]`` command. From this command you will have access to everything accessible from operational mode."
-#: ../../cli.rst:651
+#: ../../cli.rst:654
msgid "Add comment as an annotation to a configuration node."
msgstr "Add comment as an annotation to a configuration node."
-#: ../../cli.rst:539
+#: ../../cli.rst:542
msgid "All changes in the working config will thus be lost."
msgstr "All changes in the working config will thus be lost."
@@ -52,7 +52,7 @@ msgstr "All changes in the working config will thus be lost."
msgid "All commands executed here are relative to the configuration level you have entered. You can do everything from the top level, but commands will be quite lengthy when manually typing them."
msgstr "All commands executed here are relative to the configuration level you have entered. You can do everything from the top level, but commands will be quite lengthy when manually typing them."
-#: ../../cli.rst:676
+#: ../../cli.rst:679
msgid "An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the `show firewall` command would return starting after the ``firewall {`` line, hiding the comment."
msgstr "An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the `show firewall` command would return starting after the ``firewall {`` line, hiding the comment."
@@ -72,11 +72,11 @@ msgstr "By default, the configuration is displayed in a hierarchy like the above
msgid "Command Line Interface"
msgstr "Command Line Interface"
-#: ../../cli.rst:701
+#: ../../cli.rst:704
msgid "Command completion and syntax help with ``?`` and ``[tab]`` will also work."
msgstr "Command completion and syntax help with ``?`` and ``[tab]`` will also work."
-#: ../../cli.rst:754
+#: ../../cli.rst:757
msgid "Compare configurations"
msgstr "Compare configurations"
@@ -92,11 +92,11 @@ msgstr "Configuration Overview"
msgid "Configuration commands are flattened from the tree into 'one-liner' commands shown in :opcmd:`show configuration commands` from operation mode. Commands are relative to the level where they are executed and all redundant information from the current level is removed from the command entered."
msgstr "Configuration commands are flattened from the tree into 'one-liner' commands shown in :opcmd:`show configuration commands` from operation mode. Commands are relative to the level where they are executed and all redundant information from the current level is removed from the command entered."
-#: ../../cli.rst:535
+#: ../../cli.rst:538
msgid "Configuration mode can not be exited while uncommitted changes exist. To exit configuration mode without applying changes, the :cfgcmd:`exit discard` command must be used."
msgstr "Configuration mode can not be exited while uncommitted changes exist. To exit configuration mode without applying changes, the :cfgcmd:`exit discard` command must be used."
-#: ../../cli.rst:583
+#: ../../cli.rst:586
msgid "Copy a configuration element."
msgstr "Copy a configuration element."
@@ -104,7 +104,7 @@ msgstr "Copy a configuration element."
msgid "Editing the configuration"
msgstr "Editing the configuration"
-#: ../../cli.rst:662
+#: ../../cli.rst:665
msgid "Example:"
msgstr "Example:"
@@ -124,11 +124,11 @@ msgstr "For example typing ``sh`` followed by the ``TAB`` key will complete to `
msgid "Get a collection of all the set commands required which led to the running configuration."
msgstr "Get a collection of all the set commands required which led to the running configuration."
-#: ../../cli.rst:933
+#: ../../cli.rst:936
msgid "If you are remotely connected, you will lose your connection. You may want to copy first the config, edit it to ensure connectivity, and load the edited config."
msgstr "If you are remotely connected, you will lose your connection. You may want to copy first the config, edit it to ensure connectivity, and load the edited config."
-#: ../../cli.rst:919
+#: ../../cli.rst:922
msgid "In the case you want to completely delete your configuration and restore the default one, you can enter the following command in configuration mode:"
msgstr "In the case you want to completely delete your configuration and restore the default one, you can enter the following command in configuration mode:"
@@ -140,15 +140,15 @@ msgstr "It is also possible to display all :cfgcmd:`set` commands within configu
msgid "It is also possible to display all `set` commands within configuration mode using :cfgcmd:`show | commands`"
msgstr "It is also possible to display all `set` commands within configuration mode using :cfgcmd:`show | commands`"
-#: ../../cli.rst:723
+#: ../../cli.rst:726
msgid "Local Archive"
msgstr "Local Archive"
-#: ../../cli.rst:714
+#: ../../cli.rst:717
msgid "Managing configurations"
msgstr "Managing configurations"
-#: ../../cli.rst:627
+#: ../../cli.rst:630
msgid "Note that ``show`` command respects your edit level and from this level you can view the modified firewall ruleset with just ``show`` with no parameters."
msgstr "Note that ``show`` command respects your edit level and from this level you can view the modified firewall ruleset with just ``show`` with no parameters."
@@ -164,31 +164,31 @@ msgstr "Operational mode allows for commands to perform operational system tasks
msgid "Prompt changes from ``$`` to ``#``. To exit configuration mode, type ``exit``."
msgstr "Prompt changes from ``$`` to ``#``. To exit configuration mode, type ``exit``."
-#: ../../cli.rst:850
+#: ../../cli.rst:853
msgid "Remote Archive"
msgstr "Remote Archive"
-#: ../../cli.rst:616
+#: ../../cli.rst:619
msgid "Rename a configuration element."
msgstr "Rename a configuration element."
-#: ../../cli.rst:917
+#: ../../cli.rst:920
msgid "Restore Default"
msgstr "Restore Default"
-#: ../../cli.rst:725
+#: ../../cli.rst:728
msgid "Revisions are stored on disk. You can view, compare and rollback them to any previous revisions if something goes wrong."
msgstr "Revisions are stored on disk. You can view, compare and rollback them to any previous revisions if something goes wrong."
-#: ../../cli.rst:828
+#: ../../cli.rst:831
msgid "Rollback Changes"
msgstr "Rollback Changes"
-#: ../../cli.rst:835
+#: ../../cli.rst:838
msgid "Rollback to revision N (currently requires reboot)"
msgstr "Rollback to revision N (currently requires reboot)"
-#: ../../cli.rst:884
+#: ../../cli.rst:887
msgid "Saving and loading manually"
msgstr "Saving and loading manually"
@@ -200,11 +200,11 @@ msgstr "See the configuration section of this document for more information on c
msgid "Seeing and navigating the configuration"
msgstr "Seeing and navigating the configuration"
-#: ../../cli.rst:810
+#: ../../cli.rst:813
msgid "Show commit revision difference."
msgstr "Show commit revision difference."
-#: ../../cli.rst:861
+#: ../../cli.rst:864
msgid "Specify remote location of commit archive as any of the below :abbr:`URI (Uniform Resource Identifier)`"
msgstr "Specify remote location of commit archive as any of the below :abbr:`URI (Uniform Resource Identifier)`"
@@ -228,15 +228,15 @@ msgstr "The :cfgcmd:`show` command within configuration mode will show the worki
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes."
msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes."
-#: ../../cli.rst:653
+#: ../../cli.rst:656
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
-#: ../../cli.rst:784
+#: ../../cli.rst:787
msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M."
msgstr "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M."
-#: ../../cli.rst:813
+#: ../../cli.rst:816
msgid "The command above also lets you see the difference between two commits. By default the difference with the running config is shown."
msgstr "The command above also lets you see the difference between two commits. By default the difference with the running config is shown."
@@ -252,11 +252,11 @@ msgstr "The configuration can be edited by the use of :cfgcmd:`set` and :cfgcmd:
msgid "The current hierarchy level can be changed by the :cfgcmd:`edit` command."
msgstr "The current hierarchy level can be changed by the :cfgcmd:`edit` command."
-#: ../../cli.rst:872
+#: ../../cli.rst:875
msgid "The number of revisions don't affect the commit-archive."
msgstr "The number of revisions don't affect the commit-archive."
-#: ../../cli.rst:930
+#: ../../cli.rst:933
msgid "Then you may want to :cfgcmd:`save` in order to delete the saved configuration too."
msgstr "Then you may want to :cfgcmd:`save` in order to delete the saved configuration too."
@@ -268,7 +268,7 @@ msgstr "These commands are also relative to the level you are inside and only re
msgid "These two commands above are essentially the same, just executed from different levels in the hierarchy."
msgstr "These two commands above are essentially the same, just executed from different levels in the hierarchy."
-#: ../../cli.rst:824
+#: ../../cli.rst:827
msgid "This means four commits ago we did ``set system ipv6 disable-forwarding``."
msgstr "This means four commits ago we did ``set system ipv6 disable-forwarding``."
@@ -280,7 +280,7 @@ msgstr "To delete a configuration entry use the :cfgcmd:`delete` command, this a
msgid "To enter configuration mode use the ``configure`` command:"
msgstr "To enter configuration mode use the ``configure`` command:"
-#: ../../cli.rst:658
+#: ../../cli.rst:661
msgid "To remove an existing comment from your current configuration, specify an empty string enclosed in double quote marks (``\"\"``) as the comment text."
msgstr "To remove an existing comment from your current configuration, specify an empty string enclosed in double quote marks (``\"\"``) as the comment text."
@@ -288,11 +288,11 @@ msgstr "To remove an existing comment from your current configuration, specify a
msgid "Use the ``show configuration commands | strip-private`` command when you want to hide private data. You may want to do so if you want to share your configuration on the `forum`_."
msgstr "Use the ``show configuration commands | strip-private`` command when you want to hide private data. You may want to do so if you want to share your configuration on the `forum`_."
-#: ../../cli.rst:895
+#: ../../cli.rst:898
msgid "Use this command to load a configuration which will replace the running configuration. Define the location of the configuration file to be loaded. You can use a path to a local file, an SCP address, an SFTP address, an FTP address, an HTTP address, an HTTPS address or a TFTP address."
msgstr "Use this command to load a configuration which will replace the running configuration. Define the location of the configuration file to be loaded. You can use a path to a local file, an SCP address, an SFTP address, an FTP address, an HTTP address, an HTTPS address or a TFTP address."
-#: ../../cli.rst:508
+#: ../../cli.rst:511
msgid "Use this command to preserve configuration changes upon reboot. By default it is stored at */config/config.boot*. In the case you want to store the configuration file somewhere else, you can add a local path, a SCP address, a FTP address or a TFTP address."
msgstr "Use this command to preserve configuration changes upon reboot. By default it is stored at */config/config.boot*. In the case you want to store the configuration file somewhere else, you can add a local path, a SCP address, a FTP address or a TFTP address."
@@ -300,15 +300,15 @@ msgstr "Use this command to preserve configuration changes upon reboot. By defau
msgid "Use this command to set the value of a parameter or to create a new element."
msgstr "Use this command to set the value of a parameter or to create a new element."
-#: ../../cli.rst:760
+#: ../../cli.rst:763
msgid "Use this command to spot what the differences are between different configurations."
msgstr "Use this command to spot what the differences are between different configurations."
-#: ../../cli.rst:552
+#: ../../cli.rst:555
msgid "Use this command to temporarily commit your changes and set the number of minutes available for validation. ``confirm`` must be entered within those minutes, otherwise the system will reboot into the previous configuration. The default value is 10 minutes."
msgstr "Use this command to temporarily commit your changes and set the number of minutes available for validation. ``confirm`` must be entered within those minutes, otherwise the system will reboot into the previous configuration. The default value is 10 minutes."
-#: ../../cli.rst:730
+#: ../../cli.rst:733
msgid "View all existing revisions on the local system."
msgstr "View all existing revisions on the local system."
@@ -324,7 +324,7 @@ msgstr "View the current active configuration in JSON format."
msgid "View the current active configuration in readable JSON format."
msgstr "View the current active configuration in readable JSON format."
-#: ../../cli.rst:852
+#: ../../cli.rst:855
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
@@ -332,11 +332,11 @@ msgstr "VyOS can upload the configuration to a remote location after each call t
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
-#: ../../cli.rst:716
+#: ../../cli.rst:719
msgid "VyOS comes with an integrated versioning system for the system configuration. It automatically maintains a backup of every previous configuration which has been committed to the system. The configurations are versioned locally for rollback but they can also be stored on a remote host for archiving/backup reasons."
msgstr "VyOS comes with an integrated versioning system for the system configuration. It automatically maintains a backup of every previous configuration which has been committed to the system. The configurations are versioned locally for rollback but they can also be stored on a remote host for archiving/backup reasons."
-#: ../../cli.rst:756
+#: ../../cli.rst:759
msgid "VyOS lets you compare different configurations."
msgstr "VyOS lets you compare different configurations."
@@ -348,7 +348,7 @@ msgstr "VyOS makes use of a unified configuration file for the entire system's c
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
-#: ../../cli.rst:558
+#: ../../cli.rst:561
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
@@ -360,7 +360,7 @@ msgstr "When entering the configuration mode you are navigating inside a tree st
msgid "When going into configuration mode, prompt changes from ``$`` to ``#``."
msgstr "When going into configuration mode, prompt changes from ``$`` to ``#``."
-#: ../../cli.rst:692
+#: ../../cli.rst:695
msgid "When inside configuration mode you are not directly able to execute operational commands."
msgstr "When inside configuration mode you are not directly able to execute operational commands."
@@ -368,7 +368,7 @@ msgstr "When inside configuration mode you are not directly able to execute oper
msgid "When the output of a command results in more lines than can be displayed on the terminal screen the output is paginated as indicated by a ``:`` prompt."
msgstr "When the output of a command results in more lines than can be displayed on the terminal screen the output is paginated as indicated by a ``:`` prompt."
-#: ../../cli.rst:889
+#: ../../cli.rst:892
msgid "When using the save_ command, you can add a specific location where to store your configuration file. And, when needed it, you will be able to load it with the ``load`` command:"
msgstr "When using the save_ command, you can add a specific location where to store your configuration file. And, when needed it, you will be able to load it with the ``load`` command:"
@@ -384,15 +384,15 @@ msgstr "You are now in a sublevel relative to ``interfaces ethernet eth0``, all
msgid "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
msgstr "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
-#: ../../cli.rst:618
+#: ../../cli.rst:621
msgid "You can also rename config subtrees:"
msgstr "You can also rename config subtrees:"
-#: ../../cli.rst:585
+#: ../../cli.rst:588
msgid "You can copy and remove configuration subtrees. Suppose you set up a firewall ruleset ``FromWorld`` with one rule that allows traffic from specific subnet. Now you want to setup a similar rule, but for different subnet. Change your edit level to ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then modify rule 20."
msgstr "You can copy and remove configuration subtrees. Suppose you set up a firewall ruleset ``FromWorld`` with one rule that allows traffic from specific subnet. Now you want to setup a similar rule, but for different subnet. Change your edit level to ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then modify rule 20."
-#: ../../cli.rst:830
+#: ../../cli.rst:833
msgid "You can rollback configuration changes using the rollback command. This will apply the selected revision and trigger a system reboot."
msgstr "You can rollback configuration changes using the rollback command. This will apply the selected revision and trigger a system reboot."
@@ -400,19 +400,23 @@ msgstr "You can rollback configuration changes using the rollback command. This
msgid "You can scroll up with the keys ``[Shift]+[PageUp]`` and scroll down with ``[Shift]+[PageDown]``."
msgstr "You can scroll up with the keys ``[Shift]+[PageUp]`` and scroll down with ``[Shift]+[PageDown]``."
-#: ../../cli.rst:747
+#: ../../cli.rst:504
+msgid "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+msgstr "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+
+#: ../../cli.rst:750
msgid "You can specify the number of revisions stored on disk. N can be in the range of 0 - 65535. When the number of revisions exceeds the configured value, the oldest revision is removed. The default setting for this value is to store 100 revisions locally."
msgstr "You can specify the number of revisions stored on disk. N can be in the range of 0 - 65535. When the number of revisions exceeds the configured value, the oldest revision is removed. The default setting for this value is to store 100 revisions locally."
-#: ../../cli.rst:886
+#: ../../cli.rst:889
msgid "You can use the ``save`` and ``load`` commands if you want to manually manage specific configuration files."
msgstr "You can use the ``save`` and ``load`` commands if you want to manually manage specific configuration files."
-#: ../../cli.rst:874
+#: ../../cli.rst:877
msgid "You may find VyOS not allowing the secure connection because it cannot verify the legitimacy of the remote server. You can use the workaround below to quickly add the remote host's SSH fingerprint to your ``~/.ssh/known_hosts`` file:"
msgstr "You may find VyOS not allowing the secure connection because it cannot verify the legitimacy of the remote server. You can use the workaround below to quickly add the remote host's SSH fingerprint to your ``~/.ssh/known_hosts`` file:"
-#: ../../cli.rst:927
+#: ../../cli.rst:930
msgid "You will be asked if you want to continue. If you accept, you will have to use :cfgcmd:`commit` if you want to make the changes active."
msgstr "You will be asked if you want to continue. If you accept, you will have to use :cfgcmd:`commit` if you want to make the changes active."
@@ -420,19 +424,19 @@ msgstr "You will be asked if you want to continue. If you accept, you will have
msgid "``b`` will scroll back one page"
msgstr "``b`` will scroll back one page"
-#: ../../cli.rst:866
+#: ../../cli.rst:869
msgid "``ftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``ftp://<user>:<passwd>@<host>/<dir>``"
-#: ../../cli.rst:870
+#: ../../cli.rst:873
msgid "``git+https://<user>:<passwd>@<host>/<path>``"
msgstr "``git+https://<user>:<passwd>@<host>/<path>``"
-#: ../../cli.rst:864
+#: ../../cli.rst:867
msgid "``http://<user>:<passwd>@<host>:/<dir>``"
msgstr "``http://<user>:<passwd>@<host>:/<dir>``"
-#: ../../cli.rst:865
+#: ../../cli.rst:868
msgid "``https://<user>:<passwd>@<host>:/<dir>``"
msgstr "``https://<user>:<passwd>@<host>:/<dir>``"
@@ -448,11 +452,11 @@ msgstr "``q`` key can be used to cancel output"
msgid "``return`` will scroll down one line"
msgstr "``return`` will scroll down one line"
-#: ../../cli.rst:868
+#: ../../cli.rst:871
msgid "``scp://<user>:<passwd>@<host>:/<dir>``"
msgstr "``scp://<user>:<passwd>@<host>:/<dir>``"
-#: ../../cli.rst:867
+#: ../../cli.rst:870
msgid "``sftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``sftp://<user>:<passwd>@<host>/<dir>``"
@@ -460,7 +464,7 @@ msgstr "``sftp://<user>:<passwd>@<host>/<dir>``"
msgid "``space`` will scroll down one page"
msgstr "``space`` will scroll down one page"
-#: ../../cli.rst:869
+#: ../../cli.rst:872
msgid "``tftp://<host>/<dir>``"
msgstr "``tftp://<host>/<dir>``"
diff --git a/docs/_locale/ja/configuration.pot b/docs/_locale/ja/configuration.pot
index b6d20274..3518562b 100644
--- a/docs/_locale/ja/configuration.pot
+++ b/docs/_locale/ja/configuration.pot
@@ -4078,6 +4078,10 @@ msgstr "Create `<user>` for local authentication on this system. The users passw
msgid "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
msgstr "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
+#: ../../configuration/pki/index.rst:373
+msgid "Create a CA chain and leaf certificates"
+msgstr "Create a CA chain and leaf certificates"
+
#: ../../configuration/interfaces/bridge.rst:199
msgid "Create a basic bridge"
msgstr "Create a basic bridge"
@@ -5839,6 +5843,7 @@ msgstr "Example synproxy"
#: ../../configuration/interfaces/macsec.rst:153
#: ../../configuration/interfaces/wireless.rst:541
#: ../../configuration/loadbalancing/reverse-proxy.rst:227
+#: ../../configuration/pki/index.rst:370
#: ../../configuration/policy/index.rst:46
#: ../../configuration/protocols/bgp.rst:1118
#: ../../configuration/protocols/isis.rst:336
@@ -6127,6 +6132,10 @@ msgstr "First, on both routers run the operational command \"generate pki key-pa
msgid "First, one of the systems generate the key using the :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki>` command. Once generated, you will need to install this key on the local system, then copy and install this key to the remote router."
msgstr "First, one of the systems generate the key using the :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki>` command. Once generated, you will need to install this key on the local system, then copy and install this key to the remote router."
+#: ../../configuration/pki/index.rst:393
+msgid "First, we create the root certificate authority."
+msgstr "First, we create the root certificate authority."
+
#: ../../configuration/interfaces/openvpn.rst:176
msgid "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
msgstr "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
@@ -8569,6 +8578,10 @@ msgstr "LNS are often used to connect to a LAC (L2TP Access Concentrator)."
msgid "Label Distribution Protocol"
msgstr "Label Distribution Protocol"
+#: ../../configuration/pki/index.rst:447
+msgid "Lastly, we can create the leaf certificates that devices and users will utilise."
+msgstr "Lastly, we can create the leaf certificates that devices and users will utilise."
+
#: ../../configuration/interfaces/l2tpv3.rst:11
msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements."
msgstr "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements."
@@ -9428,6 +9441,10 @@ msgid "Multiple VLAN to VNI mappings can be configured against the same SVD. Thi
msgstr "Multiple VLAN to VNI mappings can be configured against the same SVD. This allows for a significant scaling of the number of VNIs since a separate VXLAN interface is no longer required for each VNI."
#: ../../configuration/system/host-name.rst:68
+msgid "Multiple aliases can be specified per host-name."
+msgstr "Multiple aliases can be specified per host-name."
+
+#: ../../configuration/system/host-name.rst:68
msgid "Multiple aliases can pe specified per host-name."
msgstr "Multiple aliases can pe specified per host-name."
@@ -11743,6 +11760,10 @@ msgstr "Scripting"
msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
+#: ../../configuration/pki/index.rst:411
+msgid "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+msgstr "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+
#: ../../configuration/service/ipoe-server.rst:186
#: ../../configuration/service/pppoe-server.rst:148
#: ../../configuration/vpn/l2tp.rst:191
@@ -16302,6 +16323,10 @@ msgstr "This configuration enables HTTP health checks on backend servers."
msgid "This configuration enables the TCP reverse proxy for the \"my-tcp-api\" service. Incoming TCP connections on port 8888 will be load balanced across the backend servers (srv01 and srv02) using the round-robin load-balancing algorithm."
msgstr "This configuration enables the TCP reverse proxy for the \"my-tcp-api\" service. Incoming TCP connections on port 8888 will be load balanced across the backend servers (srv01 and srv02) using the round-robin load-balancing algorithm."
+#: ../../configuration/pki/index.rst:375
+msgid "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+msgstr "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+
#: ../../configuration/loadbalancing/reverse-proxy.rst:214
msgid "This configuration listen on port 80 and redirect incoming requests to HTTPS:"
msgstr "This configuration listen on port 80 and redirect incoming requests to HTTPS:"
@@ -21057,6 +21082,22 @@ msgstr "``vnc`` - Virtual Network Control (VNC)"
msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:"
msgstr "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:"
+#: ../../configuration/pki/index.rst:386
+msgid "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+msgstr "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+
+#: ../../configuration/pki/index.rst:383
+msgid "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+msgstr "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+
+#: ../../configuration/pki/index.rst:389
+msgid "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+msgstr "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+
+#: ../../configuration/pki/index.rst:381
+msgid "``vyos_root_ca`` is the root certificate authority."
+msgstr "``vyos_root_ca`` is the root certificate authority."
+
#: ../../configuration/vpn/site2site_ipsec.rst:59
msgid "``x509`` - options for x509 authentication mode:"
msgstr "``x509`` - options for x509 authentication mode:"
diff --git a/docs/_locale/pt/LC_MESSAGES/cli.mo b/docs/_locale/pt/LC_MESSAGES/cli.mo
index 2c519fba..206ed847 100644
--- a/docs/_locale/pt/LC_MESSAGES/cli.mo
+++ b/docs/_locale/pt/LC_MESSAGES/cli.mo
Binary files differ
diff --git a/docs/_locale/pt/LC_MESSAGES/configuration.mo b/docs/_locale/pt/LC_MESSAGES/configuration.mo
index e249512a..34c7846c 100644
--- a/docs/_locale/pt/LC_MESSAGES/configuration.mo
+++ b/docs/_locale/pt/LC_MESSAGES/configuration.mo
Binary files differ
diff --git a/docs/_locale/pt/cli.pot b/docs/_locale/pt/cli.pot
index 12dda7c8..697d0fbb 100644
--- a/docs/_locale/pt/cli.pot
+++ b/docs/_locale/pt/cli.pot
@@ -28,23 +28,23 @@ msgstr "**Working configuration** is the one that is currently being modified in
msgid "A VyOS system has three major types of configurations:"
msgstr "A VyOS system has three major types of configurations:"
-#: ../../cli.rst:576
+#: ../../cli.rst:579
msgid "A reboot because you did not enter ``confirm`` will not take you necessarily to the *saved configuration*, but to the point before the unfortunate commit."
msgstr "A reboot because you did not enter ``confirm`` will not take you necessarily to the *saved configuration*, but to the point before the unfortunate commit."
-#: ../../cli.rst:690
+#: ../../cli.rst:693
msgid "Access opmode from config mode"
msgstr "Access opmode from config mode"
-#: ../../cli.rst:697
+#: ../../cli.rst:700
msgid "Access to these commands are possible through the use of the ``run [command]`` command. From this command you will have access to everything accessible from operational mode."
msgstr "Access to these commands are possible through the use of the ``run [command]`` command. From this command you will have access to everything accessible from operational mode."
-#: ../../cli.rst:651
+#: ../../cli.rst:654
msgid "Add comment as an annotation to a configuration node."
msgstr "Add comment as an annotation to a configuration node."
-#: ../../cli.rst:539
+#: ../../cli.rst:542
msgid "All changes in the working config will thus be lost."
msgstr "All changes in the working config will thus be lost."
@@ -52,7 +52,7 @@ msgstr "All changes in the working config will thus be lost."
msgid "All commands executed here are relative to the configuration level you have entered. You can do everything from the top level, but commands will be quite lengthy when manually typing them."
msgstr "All commands executed here are relative to the configuration level you have entered. You can do everything from the top level, but commands will be quite lengthy when manually typing them."
-#: ../../cli.rst:676
+#: ../../cli.rst:679
msgid "An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the `show firewall` command would return starting after the ``firewall {`` line, hiding the comment."
msgstr "An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the `show firewall` command would return starting after the ``firewall {`` line, hiding the comment."
@@ -72,11 +72,11 @@ msgstr "By default, the configuration is displayed in a hierarchy like the above
msgid "Command Line Interface"
msgstr "Command Line Interface"
-#: ../../cli.rst:701
+#: ../../cli.rst:704
msgid "Command completion and syntax help with ``?`` and ``[tab]`` will also work."
msgstr "Command completion and syntax help with ``?`` and ``[tab]`` will also work."
-#: ../../cli.rst:754
+#: ../../cli.rst:757
msgid "Compare configurations"
msgstr "Compare configurations"
@@ -92,11 +92,11 @@ msgstr "Configuration Overview"
msgid "Configuration commands are flattened from the tree into 'one-liner' commands shown in :opcmd:`show configuration commands` from operation mode. Commands are relative to the level where they are executed and all redundant information from the current level is removed from the command entered."
msgstr "Configuration commands are flattened from the tree into 'one-liner' commands shown in :opcmd:`show configuration commands` from operation mode. Commands are relative to the level where they are executed and all redundant information from the current level is removed from the command entered."
-#: ../../cli.rst:535
+#: ../../cli.rst:538
msgid "Configuration mode can not be exited while uncommitted changes exist. To exit configuration mode without applying changes, the :cfgcmd:`exit discard` command must be used."
msgstr "Configuration mode can not be exited while uncommitted changes exist. To exit configuration mode without applying changes, the :cfgcmd:`exit discard` command must be used."
-#: ../../cli.rst:583
+#: ../../cli.rst:586
msgid "Copy a configuration element."
msgstr "Copy a configuration element."
@@ -104,7 +104,7 @@ msgstr "Copy a configuration element."
msgid "Editing the configuration"
msgstr "Editing the configuration"
-#: ../../cli.rst:662
+#: ../../cli.rst:665
msgid "Example:"
msgstr "Example:"
@@ -124,11 +124,11 @@ msgstr "For example typing ``sh`` followed by the ``TAB`` key will complete to `
msgid "Get a collection of all the set commands required which led to the running configuration."
msgstr "Get a collection of all the set commands required which led to the running configuration."
-#: ../../cli.rst:933
+#: ../../cli.rst:936
msgid "If you are remotely connected, you will lose your connection. You may want to copy first the config, edit it to ensure connectivity, and load the edited config."
msgstr "If you are remotely connected, you will lose your connection. You may want to copy first the config, edit it to ensure connectivity, and load the edited config."
-#: ../../cli.rst:919
+#: ../../cli.rst:922
msgid "In the case you want to completely delete your configuration and restore the default one, you can enter the following command in configuration mode:"
msgstr "In the case you want to completely delete your configuration and restore the default one, you can enter the following command in configuration mode:"
@@ -140,15 +140,15 @@ msgstr "It is also possible to display all :cfgcmd:`set` commands within configu
msgid "It is also possible to display all `set` commands within configuration mode using :cfgcmd:`show | commands`"
msgstr "It is also possible to display all `set` commands within configuration mode using :cfgcmd:`show | commands`"
-#: ../../cli.rst:723
+#: ../../cli.rst:726
msgid "Local Archive"
msgstr "Local Archive"
-#: ../../cli.rst:714
+#: ../../cli.rst:717
msgid "Managing configurations"
msgstr "Managing configurations"
-#: ../../cli.rst:627
+#: ../../cli.rst:630
msgid "Note that ``show`` command respects your edit level and from this level you can view the modified firewall ruleset with just ``show`` with no parameters."
msgstr "Note that ``show`` command respects your edit level and from this level you can view the modified firewall ruleset with just ``show`` with no parameters."
@@ -164,31 +164,31 @@ msgstr "Operational mode allows for commands to perform operational system tasks
msgid "Prompt changes from ``$`` to ``#``. To exit configuration mode, type ``exit``."
msgstr "Prompt changes from ``$`` to ``#``. To exit configuration mode, type ``exit``."
-#: ../../cli.rst:850
+#: ../../cli.rst:853
msgid "Remote Archive"
msgstr "Remote Archive"
-#: ../../cli.rst:616
+#: ../../cli.rst:619
msgid "Rename a configuration element."
msgstr "Rename a configuration element."
-#: ../../cli.rst:917
+#: ../../cli.rst:920
msgid "Restore Default"
msgstr "Restore Default"
-#: ../../cli.rst:725
+#: ../../cli.rst:728
msgid "Revisions are stored on disk. You can view, compare and rollback them to any previous revisions if something goes wrong."
msgstr "Revisions are stored on disk. You can view, compare and rollback them to any previous revisions if something goes wrong."
-#: ../../cli.rst:828
+#: ../../cli.rst:831
msgid "Rollback Changes"
msgstr "Rollback Changes"
-#: ../../cli.rst:835
+#: ../../cli.rst:838
msgid "Rollback to revision N (currently requires reboot)"
msgstr "Rollback to revision N (currently requires reboot)"
-#: ../../cli.rst:884
+#: ../../cli.rst:887
msgid "Saving and loading manually"
msgstr "Saving and loading manually"
@@ -200,11 +200,11 @@ msgstr "See the configuration section of this document for more information on c
msgid "Seeing and navigating the configuration"
msgstr "Seeing and navigating the configuration"
-#: ../../cli.rst:810
+#: ../../cli.rst:813
msgid "Show commit revision difference."
msgstr "Show commit revision difference."
-#: ../../cli.rst:861
+#: ../../cli.rst:864
msgid "Specify remote location of commit archive as any of the below :abbr:`URI (Uniform Resource Identifier)`"
msgstr "Specify remote location of commit archive as any of the below :abbr:`URI (Uniform Resource Identifier)`"
@@ -228,15 +228,15 @@ msgstr "The :cfgcmd:`show` command within configuration mode will show the worki
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes."
msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes."
-#: ../../cli.rst:653
+#: ../../cli.rst:656
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
-#: ../../cli.rst:784
+#: ../../cli.rst:787
msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M."
msgstr "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M."
-#: ../../cli.rst:813
+#: ../../cli.rst:816
msgid "The command above also lets you see the difference between two commits. By default the difference with the running config is shown."
msgstr "The command above also lets you see the difference between two commits. By default the difference with the running config is shown."
@@ -252,11 +252,11 @@ msgstr "The configuration can be edited by the use of :cfgcmd:`set` and :cfgcmd:
msgid "The current hierarchy level can be changed by the :cfgcmd:`edit` command."
msgstr "The current hierarchy level can be changed by the :cfgcmd:`edit` command."
-#: ../../cli.rst:872
+#: ../../cli.rst:875
msgid "The number of revisions don't affect the commit-archive."
msgstr "The number of revisions don't affect the commit-archive."
-#: ../../cli.rst:930
+#: ../../cli.rst:933
msgid "Then you may want to :cfgcmd:`save` in order to delete the saved configuration too."
msgstr "Then you may want to :cfgcmd:`save` in order to delete the saved configuration too."
@@ -268,7 +268,7 @@ msgstr "These commands are also relative to the level you are inside and only re
msgid "These two commands above are essentially the same, just executed from different levels in the hierarchy."
msgstr "These two commands above are essentially the same, just executed from different levels in the hierarchy."
-#: ../../cli.rst:824
+#: ../../cli.rst:827
msgid "This means four commits ago we did ``set system ipv6 disable-forwarding``."
msgstr "This means four commits ago we did ``set system ipv6 disable-forwarding``."
@@ -280,7 +280,7 @@ msgstr "To delete a configuration entry use the :cfgcmd:`delete` command, this a
msgid "To enter configuration mode use the ``configure`` command:"
msgstr "To enter configuration mode use the ``configure`` command:"
-#: ../../cli.rst:658
+#: ../../cli.rst:661
msgid "To remove an existing comment from your current configuration, specify an empty string enclosed in double quote marks (``\"\"``) as the comment text."
msgstr "To remove an existing comment from your current configuration, specify an empty string enclosed in double quote marks (``\"\"``) as the comment text."
@@ -288,11 +288,11 @@ msgstr "To remove an existing comment from your current configuration, specify a
msgid "Use the ``show configuration commands | strip-private`` command when you want to hide private data. You may want to do so if you want to share your configuration on the `forum`_."
msgstr "Use the ``show configuration commands | strip-private`` command when you want to hide private data. You may want to do so if you want to share your configuration on the `forum`_."
-#: ../../cli.rst:895
+#: ../../cli.rst:898
msgid "Use this command to load a configuration which will replace the running configuration. Define the location of the configuration file to be loaded. You can use a path to a local file, an SCP address, an SFTP address, an FTP address, an HTTP address, an HTTPS address or a TFTP address."
msgstr "Use this command to load a configuration which will replace the running configuration. Define the location of the configuration file to be loaded. You can use a path to a local file, an SCP address, an SFTP address, an FTP address, an HTTP address, an HTTPS address or a TFTP address."
-#: ../../cli.rst:508
+#: ../../cli.rst:511
msgid "Use this command to preserve configuration changes upon reboot. By default it is stored at */config/config.boot*. In the case you want to store the configuration file somewhere else, you can add a local path, a SCP address, a FTP address or a TFTP address."
msgstr "Use this command to preserve configuration changes upon reboot. By default it is stored at */config/config.boot*. In the case you want to store the configuration file somewhere else, you can add a local path, a SCP address, a FTP address or a TFTP address."
@@ -300,15 +300,15 @@ msgstr "Use this command to preserve configuration changes upon reboot. By defau
msgid "Use this command to set the value of a parameter or to create a new element."
msgstr "Use this command to set the value of a parameter or to create a new element."
-#: ../../cli.rst:760
+#: ../../cli.rst:763
msgid "Use this command to spot what the differences are between different configurations."
msgstr "Use this command to spot what the differences are between different configurations."
-#: ../../cli.rst:552
+#: ../../cli.rst:555
msgid "Use this command to temporarily commit your changes and set the number of minutes available for validation. ``confirm`` must be entered within those minutes, otherwise the system will reboot into the previous configuration. The default value is 10 minutes."
msgstr "Use this command to temporarily commit your changes and set the number of minutes available for validation. ``confirm`` must be entered within those minutes, otherwise the system will reboot into the previous configuration. The default value is 10 minutes."
-#: ../../cli.rst:730
+#: ../../cli.rst:733
msgid "View all existing revisions on the local system."
msgstr "View all existing revisions on the local system."
@@ -324,7 +324,7 @@ msgstr "View the current active configuration in JSON format."
msgid "View the current active configuration in readable JSON format."
msgstr "View the current active configuration in readable JSON format."
-#: ../../cli.rst:852
+#: ../../cli.rst:855
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
@@ -332,11 +332,11 @@ msgstr "VyOS can upload the configuration to a remote location after each call t
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
-#: ../../cli.rst:716
+#: ../../cli.rst:719
msgid "VyOS comes with an integrated versioning system for the system configuration. It automatically maintains a backup of every previous configuration which has been committed to the system. The configurations are versioned locally for rollback but they can also be stored on a remote host for archiving/backup reasons."
msgstr "VyOS comes with an integrated versioning system for the system configuration. It automatically maintains a backup of every previous configuration which has been committed to the system. The configurations are versioned locally for rollback but they can also be stored on a remote host for archiving/backup reasons."
-#: ../../cli.rst:756
+#: ../../cli.rst:759
msgid "VyOS lets you compare different configurations."
msgstr "VyOS lets you compare different configurations."
@@ -348,7 +348,7 @@ msgstr "VyOS makes use of a unified configuration file for the entire system's c
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
-#: ../../cli.rst:558
+#: ../../cli.rst:561
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
@@ -360,7 +360,7 @@ msgstr "When entering the configuration mode you are navigating inside a tree st
msgid "When going into configuration mode, prompt changes from ``$`` to ``#``."
msgstr "When going into configuration mode, prompt changes from ``$`` to ``#``."
-#: ../../cli.rst:692
+#: ../../cli.rst:695
msgid "When inside configuration mode you are not directly able to execute operational commands."
msgstr "When inside configuration mode you are not directly able to execute operational commands."
@@ -368,7 +368,7 @@ msgstr "When inside configuration mode you are not directly able to execute oper
msgid "When the output of a command results in more lines than can be displayed on the terminal screen the output is paginated as indicated by a ``:`` prompt."
msgstr "When the output of a command results in more lines than can be displayed on the terminal screen the output is paginated as indicated by a ``:`` prompt."
-#: ../../cli.rst:889
+#: ../../cli.rst:892
msgid "When using the save_ command, you can add a specific location where to store your configuration file. And, when needed it, you will be able to load it with the ``load`` command:"
msgstr "When using the save_ command, you can add a specific location where to store your configuration file. And, when needed it, you will be able to load it with the ``load`` command:"
@@ -384,15 +384,15 @@ msgstr "You are now in a sublevel relative to ``interfaces ethernet eth0``, all
msgid "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
msgstr "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
-#: ../../cli.rst:618
+#: ../../cli.rst:621
msgid "You can also rename config subtrees:"
msgstr "You can also rename config subtrees:"
-#: ../../cli.rst:585
+#: ../../cli.rst:588
msgid "You can copy and remove configuration subtrees. Suppose you set up a firewall ruleset ``FromWorld`` with one rule that allows traffic from specific subnet. Now you want to setup a similar rule, but for different subnet. Change your edit level to ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then modify rule 20."
msgstr "You can copy and remove configuration subtrees. Suppose you set up a firewall ruleset ``FromWorld`` with one rule that allows traffic from specific subnet. Now you want to setup a similar rule, but for different subnet. Change your edit level to ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then modify rule 20."
-#: ../../cli.rst:830
+#: ../../cli.rst:833
msgid "You can rollback configuration changes using the rollback command. This will apply the selected revision and trigger a system reboot."
msgstr "You can rollback configuration changes using the rollback command. This will apply the selected revision and trigger a system reboot."
@@ -400,19 +400,23 @@ msgstr "You can rollback configuration changes using the rollback command. This
msgid "You can scroll up with the keys ``[Shift]+[PageUp]`` and scroll down with ``[Shift]+[PageDown]``."
msgstr "You can scroll up with the keys ``[Shift]+[PageUp]`` and scroll down with ``[Shift]+[PageDown]``."
-#: ../../cli.rst:747
+#: ../../cli.rst:504
+msgid "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+msgstr "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+
+#: ../../cli.rst:750
msgid "You can specify the number of revisions stored on disk. N can be in the range of 0 - 65535. When the number of revisions exceeds the configured value, the oldest revision is removed. The default setting for this value is to store 100 revisions locally."
msgstr "You can specify the number of revisions stored on disk. N can be in the range of 0 - 65535. When the number of revisions exceeds the configured value, the oldest revision is removed. The default setting for this value is to store 100 revisions locally."
-#: ../../cli.rst:886
+#: ../../cli.rst:889
msgid "You can use the ``save`` and ``load`` commands if you want to manually manage specific configuration files."
msgstr "You can use the ``save`` and ``load`` commands if you want to manually manage specific configuration files."
-#: ../../cli.rst:874
+#: ../../cli.rst:877
msgid "You may find VyOS not allowing the secure connection because it cannot verify the legitimacy of the remote server. You can use the workaround below to quickly add the remote host's SSH fingerprint to your ``~/.ssh/known_hosts`` file:"
msgstr "You may find VyOS not allowing the secure connection because it cannot verify the legitimacy of the remote server. You can use the workaround below to quickly add the remote host's SSH fingerprint to your ``~/.ssh/known_hosts`` file:"
-#: ../../cli.rst:927
+#: ../../cli.rst:930
msgid "You will be asked if you want to continue. If you accept, you will have to use :cfgcmd:`commit` if you want to make the changes active."
msgstr "You will be asked if you want to continue. If you accept, you will have to use :cfgcmd:`commit` if you want to make the changes active."
@@ -420,19 +424,19 @@ msgstr "You will be asked if you want to continue. If you accept, you will have
msgid "``b`` will scroll back one page"
msgstr "``b`` will scroll back one page"
-#: ../../cli.rst:866
+#: ../../cli.rst:869
msgid "``ftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``ftp://<user>:<passwd>@<host>/<dir>``"
-#: ../../cli.rst:870
+#: ../../cli.rst:873
msgid "``git+https://<user>:<passwd>@<host>/<path>``"
msgstr "``git+https://<user>:<passwd>@<host>/<path>``"
-#: ../../cli.rst:864
+#: ../../cli.rst:867
msgid "``http://<user>:<passwd>@<host>:/<dir>``"
msgstr "``http://<user>:<passwd>@<host>:/<dir>``"
-#: ../../cli.rst:865
+#: ../../cli.rst:868
msgid "``https://<user>:<passwd>@<host>:/<dir>``"
msgstr "``https://<user>:<passwd>@<host>:/<dir>``"
@@ -448,11 +452,11 @@ msgstr "``q`` key can be used to cancel output"
msgid "``return`` will scroll down one line"
msgstr "``return`` will scroll down one line"
-#: ../../cli.rst:868
+#: ../../cli.rst:871
msgid "``scp://<user>:<passwd>@<host>:/<dir>``"
msgstr "``scp://<user>:<passwd>@<host>:/<dir>``"
-#: ../../cli.rst:867
+#: ../../cli.rst:870
msgid "``sftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``sftp://<user>:<passwd>@<host>/<dir>``"
@@ -460,7 +464,7 @@ msgstr "``sftp://<user>:<passwd>@<host>/<dir>``"
msgid "``space`` will scroll down one page"
msgstr "``space`` will scroll down one page"
-#: ../../cli.rst:869
+#: ../../cli.rst:872
msgid "``tftp://<host>/<dir>``"
msgstr "``tftp://<host>/<dir>``"
diff --git a/docs/_locale/pt/configuration.pot b/docs/_locale/pt/configuration.pot
index e2170704..098a9f01 100644
--- a/docs/_locale/pt/configuration.pot
+++ b/docs/_locale/pt/configuration.pot
@@ -4078,6 +4078,10 @@ msgstr "Create `<user>` for local authentication on this system. The users passw
msgid "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
msgstr "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
+#: ../../configuration/pki/index.rst:373
+msgid "Create a CA chain and leaf certificates"
+msgstr "Create a CA chain and leaf certificates"
+
#: ../../configuration/interfaces/bridge.rst:199
msgid "Create a basic bridge"
msgstr "Create a basic bridge"
@@ -5839,6 +5843,7 @@ msgstr "Example synproxy"
#: ../../configuration/interfaces/macsec.rst:153
#: ../../configuration/interfaces/wireless.rst:541
#: ../../configuration/loadbalancing/reverse-proxy.rst:227
+#: ../../configuration/pki/index.rst:370
#: ../../configuration/policy/index.rst:46
#: ../../configuration/protocols/bgp.rst:1118
#: ../../configuration/protocols/isis.rst:336
@@ -6127,6 +6132,10 @@ msgstr "First, on both routers run the operational command \"generate pki key-pa
msgid "First, one of the systems generate the key using the :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki>` command. Once generated, you will need to install this key on the local system, then copy and install this key to the remote router."
msgstr "First, one of the systems generate the key using the :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki>` command. Once generated, you will need to install this key on the local system, then copy and install this key to the remote router."
+#: ../../configuration/pki/index.rst:393
+msgid "First, we create the root certificate authority."
+msgstr "First, we create the root certificate authority."
+
#: ../../configuration/interfaces/openvpn.rst:176
msgid "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
msgstr "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
@@ -8569,6 +8578,10 @@ msgstr "LNS are often used to connect to a LAC (L2TP Access Concentrator)."
msgid "Label Distribution Protocol"
msgstr "Label Distribution Protocol"
+#: ../../configuration/pki/index.rst:447
+msgid "Lastly, we can create the leaf certificates that devices and users will utilise."
+msgstr "Lastly, we can create the leaf certificates that devices and users will utilise."
+
#: ../../configuration/interfaces/l2tpv3.rst:11
msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements."
msgstr "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements."
@@ -9428,6 +9441,10 @@ msgid "Multiple VLAN to VNI mappings can be configured against the same SVD. Thi
msgstr "Multiple VLAN to VNI mappings can be configured against the same SVD. This allows for a significant scaling of the number of VNIs since a separate VXLAN interface is no longer required for each VNI."
#: ../../configuration/system/host-name.rst:68
+msgid "Multiple aliases can be specified per host-name."
+msgstr "Multiple aliases can be specified per host-name."
+
+#: ../../configuration/system/host-name.rst:68
msgid "Multiple aliases can pe specified per host-name."
msgstr "Multiple aliases can pe specified per host-name."
@@ -11743,6 +11760,10 @@ msgstr "Scripting"
msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
+#: ../../configuration/pki/index.rst:411
+msgid "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+msgstr "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+
#: ../../configuration/service/ipoe-server.rst:186
#: ../../configuration/service/pppoe-server.rst:148
#: ../../configuration/vpn/l2tp.rst:191
@@ -16302,6 +16323,10 @@ msgstr "This configuration enables HTTP health checks on backend servers."
msgid "This configuration enables the TCP reverse proxy for the \"my-tcp-api\" service. Incoming TCP connections on port 8888 will be load balanced across the backend servers (srv01 and srv02) using the round-robin load-balancing algorithm."
msgstr "This configuration enables the TCP reverse proxy for the \"my-tcp-api\" service. Incoming TCP connections on port 8888 will be load balanced across the backend servers (srv01 and srv02) using the round-robin load-balancing algorithm."
+#: ../../configuration/pki/index.rst:375
+msgid "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+msgstr "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+
#: ../../configuration/loadbalancing/reverse-proxy.rst:214
msgid "This configuration listen on port 80 and redirect incoming requests to HTTPS:"
msgstr "This configuration listen on port 80 and redirect incoming requests to HTTPS:"
@@ -21057,6 +21082,22 @@ msgstr "``vnc`` - Virtual Network Control (VNC)"
msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:"
msgstr "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:"
+#: ../../configuration/pki/index.rst:386
+msgid "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+msgstr "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+
+#: ../../configuration/pki/index.rst:383
+msgid "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+msgstr "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+
+#: ../../configuration/pki/index.rst:389
+msgid "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+msgstr "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+
+#: ../../configuration/pki/index.rst:381
+msgid "``vyos_root_ca`` is the root certificate authority."
+msgstr "``vyos_root_ca`` is the root certificate authority."
+
#: ../../configuration/vpn/site2site_ipsec.rst:59
msgid "``x509`` - options for x509 authentication mode:"
msgstr "``x509`` - options for x509 authentication mode:"
diff --git a/docs/_locale/uk/LC_MESSAGES/cli.mo b/docs/_locale/uk/LC_MESSAGES/cli.mo
index 69e3c1c2..ea88e77e 100644
--- a/docs/_locale/uk/LC_MESSAGES/cli.mo
+++ b/docs/_locale/uk/LC_MESSAGES/cli.mo
Binary files differ
diff --git a/docs/_locale/uk/LC_MESSAGES/configuration.mo b/docs/_locale/uk/LC_MESSAGES/configuration.mo
index f4e57c3b..81074aef 100644
--- a/docs/_locale/uk/LC_MESSAGES/configuration.mo
+++ b/docs/_locale/uk/LC_MESSAGES/configuration.mo
Binary files differ
diff --git a/docs/_locale/uk/cli.pot b/docs/_locale/uk/cli.pot
index f264adae..d2d2418b 100644
--- a/docs/_locale/uk/cli.pot
+++ b/docs/_locale/uk/cli.pot
@@ -28,23 +28,23 @@ msgstr "**Робоча конфігурація** – це конфігурац
msgid "A VyOS system has three major types of configurations:"
msgstr "Система VyOS має три основні типи конфігурацій:"
-#: ../../cli.rst:576
+#: ../../cli.rst:579
msgid "A reboot because you did not enter ``confirm`` will not take you necessarily to the *saved configuration*, but to the point before the unfortunate commit."
msgstr "Перезавантаження через те, що ви не ввели ``confirm``, не обов’язково переведе вас до *збереженої конфігурації*, а до точки перед невдалим комітом."
-#: ../../cli.rst:690
+#: ../../cli.rst:693
msgid "Access opmode from config mode"
msgstr "Доступ до opmode з режиму конфігурації"
-#: ../../cli.rst:697
+#: ../../cli.rst:700
msgid "Access to these commands are possible through the use of the ``run [command]`` command. From this command you will have access to everything accessible from operational mode."
msgstr "Доступ до цих команд можливий за допомогою команди ``run [command]``. За допомогою цієї команди ви матимете доступ до всього, доступного з робочого режиму."
-#: ../../cli.rst:651
+#: ../../cli.rst:654
msgid "Add comment as an annotation to a configuration node."
msgstr "Додайте коментар як анотацію до вузла конфігурації."
-#: ../../cli.rst:539
+#: ../../cli.rst:542
msgid "All changes in the working config will thus be lost."
msgstr "Таким чином, усі зміни в робочій конфігурації буде втрачено."
@@ -52,7 +52,7 @@ msgstr "Таким чином, усі зміни в робочій конфіг
msgid "All commands executed here are relative to the configuration level you have entered. You can do everything from the top level, but commands will be quite lengthy when manually typing them."
msgstr "Усі команди, що виконуються тут, відносяться до рівня конфігурації, який ви ввели. Ви можете робити все з верхнього рівня, але команди будуть досить довгими, якщо їх вводити вручну."
-#: ../../cli.rst:676
+#: ../../cli.rst:679
msgid "An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the `show firewall` command would return starting after the ``firewall {`` line, hiding the comment."
msgstr "Важливо зауважити, що оскільки коментар додається вгорі розділу, він не відображатиметься, якщо ``показати<section> `` використовується команда. У наведеному вище прикладі команда `show firewall` повертатиметься після рядка ``firewall {``, приховуючи коментар."
@@ -72,11 +72,11 @@ msgstr "За замовчуванням конфігурація відобра
msgid "Command Line Interface"
msgstr "Інтерфейс командного рядка"
-#: ../../cli.rst:701
+#: ../../cli.rst:704
msgid "Command completion and syntax help with ``?`` and ``[tab]`` will also work."
msgstr "Доповнення команд і синтаксична довідка з ``?`` і ``[tab]`` також працюватимуть."
-#: ../../cli.rst:754
+#: ../../cli.rst:757
msgid "Compare configurations"
msgstr "Порівняйте конфігурації"
@@ -92,11 +92,11 @@ msgstr "Огляд конфігурації"
msgid "Configuration commands are flattened from the tree into 'one-liner' commands shown in :opcmd:`show configuration commands` from operation mode. Commands are relative to the level where they are executed and all redundant information from the current level is removed from the command entered."
msgstr "Команди конфігурації зведені з дерева в команди «одного рядка», показані в :opcmd:`показати команди конфігурації` з режиму роботи. Команди відносяться до рівня, на якому вони виконуються, і вся зайва інформація з поточного рівня видаляється з введеної команди."
-#: ../../cli.rst:535
+#: ../../cli.rst:538
msgid "Configuration mode can not be exited while uncommitted changes exist. To exit configuration mode without applying changes, the :cfgcmd:`exit discard` command must be used."
msgstr "Неможливо вийти з режиму конфігурації, поки існують незафіксовані зміни. Щоб вийти з режиму налаштування без застосування змін, необхідно використати команду :cfgcmd:`exit discard`."
-#: ../../cli.rst:583
+#: ../../cli.rst:586
msgid "Copy a configuration element."
msgstr "Скопіюйте елемент конфігурації."
@@ -104,7 +104,7 @@ msgstr "Скопіюйте елемент конфігурації."
msgid "Editing the configuration"
msgstr "Редагування конфігурації"
-#: ../../cli.rst:662
+#: ../../cli.rst:665
msgid "Example:"
msgstr "приклад:"
@@ -124,11 +124,11 @@ msgstr "Наприклад, введення ``sh`` і клавіша ``TAB`` п
msgid "Get a collection of all the set commands required which led to the running configuration."
msgstr "Отримайте збірку всіх необхідних команд, які призвели до запущеної конфігурації."
-#: ../../cli.rst:933
+#: ../../cli.rst:936
msgid "If you are remotely connected, you will lose your connection. You may want to copy first the config, edit it to ensure connectivity, and load the edited config."
msgstr "Якщо ви підключені віддалено, ви втратите з’єднання. Ви можете спочатку скопіювати конфігурацію, відредагувати її, щоб забезпечити з’єднання, і завантажити відредаговану конфігурацію."
-#: ../../cli.rst:919
+#: ../../cli.rst:922
msgid "In the case you want to completely delete your configuration and restore the default one, you can enter the following command in configuration mode:"
msgstr "Якщо ви хочете повністю видалити конфігурацію та відновити стандартну, ви можете ввести таку команду в режимі конфігурації:"
@@ -140,15 +140,15 @@ msgstr "It is also possible to display all :cfgcmd:`set` commands within configu
msgid "It is also possible to display all `set` commands within configuration mode using :cfgcmd:`show | commands`"
msgstr "Також можна відобразити всі команди `set` в режимі конфігурації за допомогою :cfgcmd:`show | команди`"
-#: ../../cli.rst:723
+#: ../../cli.rst:726
msgid "Local Archive"
msgstr "Місцевий архів"
-#: ../../cli.rst:714
+#: ../../cli.rst:717
msgid "Managing configurations"
msgstr "Керування конфігураціями"
-#: ../../cli.rst:627
+#: ../../cli.rst:630
msgid "Note that ``show`` command respects your edit level and from this level you can view the modified firewall ruleset with just ``show`` with no parameters."
msgstr "Зауважте, що команда ``show`` поважає ваш рівень редагування, і на цьому рівні ви можете переглядати змінений набір правил брандмауера лише за допомогою ``show`` без параметрів."
@@ -164,31 +164,31 @@ msgstr "Оперативний режим дозволяє командам ви
msgid "Prompt changes from ``$`` to ``#``. To exit configuration mode, type ``exit``."
msgstr "Підказка змінюється з ``$`` на ``#``. Щоб вийти з режиму налаштування, введіть ``вихід``."
-#: ../../cli.rst:850
+#: ../../cli.rst:853
msgid "Remote Archive"
msgstr "Віддалений архів"
-#: ../../cli.rst:616
+#: ../../cli.rst:619
msgid "Rename a configuration element."
msgstr "Перейменувати елемент конфігурації."
-#: ../../cli.rst:917
+#: ../../cli.rst:920
msgid "Restore Default"
msgstr "Відновити значення за замовчуванням"
-#: ../../cli.rst:725
+#: ../../cli.rst:728
msgid "Revisions are stored on disk. You can view, compare and rollback them to any previous revisions if something goes wrong."
msgstr "Ревізії зберігаються на диску. Ви можете переглядати, порівнювати та повертати їх до будь-яких попередніх версій, якщо щось піде не так."
-#: ../../cli.rst:828
+#: ../../cli.rst:831
msgid "Rollback Changes"
msgstr "Відкат змін"
-#: ../../cli.rst:835
+#: ../../cli.rst:838
msgid "Rollback to revision N (currently requires reboot)"
msgstr "Відкат до версії N (наразі вимагає перезавантаження)"
-#: ../../cli.rst:884
+#: ../../cli.rst:887
msgid "Saving and loading manually"
msgstr "Збереження та завантаження вручну"
@@ -200,11 +200,11 @@ msgstr "Дивіться розділ конфігурації цього док
msgid "Seeing and navigating the configuration"
msgstr "Перегляд конфігурації та навігація"
-#: ../../cli.rst:810
+#: ../../cli.rst:813
msgid "Show commit revision difference."
msgstr "Показати різницю в редакції фіксації."
-#: ../../cli.rst:861
+#: ../../cli.rst:864
msgid "Specify remote location of commit archive as any of the below :abbr:`URI (Uniform Resource Identifier)`"
msgstr "Укажіть віддалене розташування архіву комітів як будь-яке з наведених нижче :abbr:`URI (уніфікований ідентифікатор ресурсу)`"
@@ -228,15 +228,15 @@ msgstr "Команда :cfgcmd:`show` у режимі конфігурації
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes."
msgstr "Команда ``comment`` дозволяє вставити коментар над ``<config node> `` розділ конфігурації. Коли відображаються, коментарі обмежуються ``/*`` і ``*/`` як розділювачі відкриття/закриття. Коментарі потрібно зафіксувати, як і інші зміни конфігурації."
-#: ../../cli.rst:653
+#: ../../cli.rst:656
msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes."
-#: ../../cli.rst:784
+#: ../../cli.rst:787
msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M."
msgstr "Команда :cfgcmd:`compare` дозволяє порівнювати різні типи конфігурацій. Це також дозволяє порівнювати різні версії за допомогою команди :cfgcmd:`compare NM`, де N і M є номерами версій. Вихідні дані описуватимуть конфігурацію N у порівнянні з M, вказуючи знаком плюс (``+``) додаткові частини, які N має порівняно з M, і вказуючи знаком мінус (``-``) недоліки частини N відсутні в порівнянні з M."
-#: ../../cli.rst:813
+#: ../../cli.rst:816
msgid "The command above also lets you see the difference between two commits. By default the difference with the running config is shown."
msgstr "Наведена вище команда також дозволяє побачити різницю між двома комітами. За умовчанням показано різницю з поточною конфігурацією."
@@ -252,11 +252,11 @@ msgstr "Конфігурацію можна редагувати за допом
msgid "The current hierarchy level can be changed by the :cfgcmd:`edit` command."
msgstr "Поточний рівень ієрархії можна змінити командою :cfgcmd:`edit`."
-#: ../../cli.rst:872
+#: ../../cli.rst:875
msgid "The number of revisions don't affect the commit-archive."
msgstr "Кількість редагувань не впливає на архів комітів."
-#: ../../cli.rst:930
+#: ../../cli.rst:933
msgid "Then you may want to :cfgcmd:`save` in order to delete the saved configuration too."
msgstr "Тоді ви можете :cfgcmd:`зберегти`, щоб також видалити збережену конфігурацію."
@@ -268,7 +268,7 @@ msgstr "Ці команди також пов’язані з рівнем, на
msgid "These two commands above are essentially the same, just executed from different levels in the hierarchy."
msgstr "Ці дві наведені вище команди по суті однакові, просто виконуються з різних рівнів ієрархії."
-#: ../../cli.rst:824
+#: ../../cli.rst:827
msgid "This means four commits ago we did ``set system ipv6 disable-forwarding``."
msgstr "Це означає, що чотири коміти тому ми зробили ``налаштування системного ipv6 disable-forwarding``."
@@ -280,7 +280,7 @@ msgstr "Щоб видалити запис конфігурації, скори
msgid "To enter configuration mode use the ``configure`` command:"
msgstr "Щоб увійти в режим налаштування, використовуйте команду ``configure``:"
-#: ../../cli.rst:658
+#: ../../cli.rst:661
msgid "To remove an existing comment from your current configuration, specify an empty string enclosed in double quote marks (``\"\"``) as the comment text."
msgstr "Щоб видалити наявний коментар із вашої поточної конфігурації, укажіть порожній рядок у подвійних лапках (``&quot;&quot;``) як текст коментаря."
@@ -288,11 +288,11 @@ msgstr "Щоб видалити наявний коментар із вашої
msgid "Use the ``show configuration commands | strip-private`` command when you want to hide private data. You may want to do so if you want to share your configuration on the `forum`_."
msgstr "Використовуйте ``показати команди конфігурації | strip-private``, коли ви хочете приховати особисті дані. Ви можете зробити це, якщо хочете поділитися своєю конфігурацією на `форумі`_."
-#: ../../cli.rst:895
+#: ../../cli.rst:898
msgid "Use this command to load a configuration which will replace the running configuration. Define the location of the configuration file to be loaded. You can use a path to a local file, an SCP address, an SFTP address, an FTP address, an HTTP address, an HTTPS address or a TFTP address."
msgstr "Використовуйте цю команду, щоб завантажити конфігурацію, яка замінить поточну конфігурацію. Визначте розташування файлу конфігурації, який потрібно завантажити. Ви можете використовувати шлях до локального файлу, адресу SCP, адресу SFTP, адресу FTP, адресу HTTP, адресу HTTPS або адресу TFTP."
-#: ../../cli.rst:508
+#: ../../cli.rst:511
msgid "Use this command to preserve configuration changes upon reboot. By default it is stored at */config/config.boot*. In the case you want to store the configuration file somewhere else, you can add a local path, a SCP address, a FTP address or a TFTP address."
msgstr "Використовуйте цю команду, щоб зберегти зміни конфігурації після перезавантаження. За замовчуванням він зберігається в */config/config.boot*. Якщо ви хочете зберегти файл конфігурації в іншому місці, ви можете додати локальний шлях, адресу SCP, адресу FTP або адресу TFTP."
@@ -300,15 +300,15 @@ msgstr "Використовуйте цю команду, щоб зберегт
msgid "Use this command to set the value of a parameter or to create a new element."
msgstr "Використовуйте цю команду, щоб встановити значення параметра або створити новий елемент."
-#: ../../cli.rst:760
+#: ../../cli.rst:763
msgid "Use this command to spot what the differences are between different configurations."
msgstr "Використовуйте цю команду, щоб визначити відмінності між різними конфігураціями."
-#: ../../cli.rst:552
+#: ../../cli.rst:555
msgid "Use this command to temporarily commit your changes and set the number of minutes available for validation. ``confirm`` must be entered within those minutes, otherwise the system will reboot into the previous configuration. The default value is 10 minutes."
msgstr "Використовуйте цю команду, щоб тимчасово зафіксувати зміни та встановити кількість хвилин, доступних для перевірки. ``confirm`` необхідно ввести протягом цих хвилин, інакше система перезавантажиться до попередньої конфігурації. Стандартне значення становить 10 хвилин."
-#: ../../cli.rst:730
+#: ../../cli.rst:733
msgid "View all existing revisions on the local system."
msgstr "Переглянути всі існуючі версії в локальній системі."
@@ -324,7 +324,7 @@ msgstr "Перегляньте поточну активну конфігура
msgid "View the current active configuration in readable JSON format."
msgstr "Перегляньте поточну активну конфігурацію в читабельному форматі JSON."
-#: ../../cli.rst:852
+#: ../../cli.rst:855
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
@@ -332,11 +332,11 @@ msgstr "VyOS can upload the configuration to a remote location after each call t
msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``."
msgstr "VyOS може завантажити конфігурацію у віддалене місце після кожного виклику :cfgcmd:`commit`. Вам потрібно буде встановити розташування архіву комітів. Підтримуються сервери TFTP, FTP, SCP і SFTP. Кожного разу, коли :cfgcmd:`commit` є успішним, файл ``config.boot`` буде скопійовано до визначеного місця призначення. Ім’я файлу, що використовується на віддаленому хості, буде ``config.boot-hostname.YYYYMMDD_HHMMSS``."
-#: ../../cli.rst:716
+#: ../../cli.rst:719
msgid "VyOS comes with an integrated versioning system for the system configuration. It automatically maintains a backup of every previous configuration which has been committed to the system. The configurations are versioned locally for rollback but they can also be stored on a remote host for archiving/backup reasons."
msgstr "VyOS поставляється з інтегрованою системою керування версіями для конфігурації системи. Він автоматично підтримує резервну копію кожної попередньої конфігурації, яка була зафіксована в системі. Конфігурації керуються локальними версіями для відкоту, але їх також можна зберігати на віддаленому хості для архівування/резервного копіювання."
-#: ../../cli.rst:756
+#: ../../cli.rst:759
msgid "VyOS lets you compare different configurations."
msgstr "VyOS дозволяє порівнювати різні конфігурації."
@@ -348,7 +348,7 @@ msgstr "VyOS використовує уніфікований файл конф
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "А якщо ви робите щось небезпечне? Припустімо, що ви хочете налаштувати брандмауер і не впевнені, що немає помилок, які заблокують вас у вашій системі. Ви можете використовувати підтверджену фіксацію. Якщо ви введете команду ``commit-confirm``, ваші зміни буде зафіксовано, і якщо ви не введете команду ``confirm`` протягом 10 хвилин, ваша система перезавантажиться до попередньої версії конфігурації."
-#: ../../cli.rst:558
+#: ../../cli.rst:561
msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision."
@@ -360,7 +360,7 @@ msgstr "Під час входу в режим конфігурації ви п
msgid "When going into configuration mode, prompt changes from ``$`` to ``#``."
msgstr "Під час переходу в режим налаштування підказка змінюється з ``$`` на ``#``."
-#: ../../cli.rst:692
+#: ../../cli.rst:695
msgid "When inside configuration mode you are not directly able to execute operational commands."
msgstr "У режимі конфігурації ви не можете безпосередньо виконувати робочі команди."
@@ -368,7 +368,7 @@ msgstr "У режимі конфігурації ви не можете безп
msgid "When the output of a command results in more lines than can be displayed on the terminal screen the output is paginated as indicated by a ``:`` prompt."
msgstr "Якщо вихід команди призводить до більшої кількості рядків, ніж може бути відображено на екрані терміналу, результат розбивається на сторінки, як вказує підказка ``:``."
-#: ../../cli.rst:889
+#: ../../cli.rst:892
msgid "When using the save_ command, you can add a specific location where to store your configuration file. And, when needed it, you will be able to load it with the ``load`` command:"
msgstr "Використовуючи команду save_, ви можете додати конкретне місце для збереження файлу конфігурації. І за потреби ви зможете завантажити його за допомогою команди ``load``:"
@@ -384,15 +384,15 @@ msgstr "Тепер ви перебуваєте на підрівні відно
msgid "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
msgstr "You are now in a sublevel relative to ``interfaces ethernet eth0``, all commands executed from this point on are relative to this sublevel. Use either the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top of the hierarchy. You can also use the :cfgcmd:`up` command to move only one level up at a time."
-#: ../../cli.rst:618
+#: ../../cli.rst:621
msgid "You can also rename config subtrees:"
msgstr "Ви також можете перейменувати піддерева конфігурації:"
-#: ../../cli.rst:585
+#: ../../cli.rst:588
msgid "You can copy and remove configuration subtrees. Suppose you set up a firewall ruleset ``FromWorld`` with one rule that allows traffic from specific subnet. Now you want to setup a similar rule, but for different subnet. Change your edit level to ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then modify rule 20."
msgstr "Ви можете копіювати та видаляти піддерева конфігурації. Припустімо, ви встановили набір правил брандмауера ``FromWorld`` з одним правилом, яке дозволяє трафік із певної підмережі. Тепер ви хочете налаштувати подібне правило, але для іншої підмережі. Змініть рівень редагування на ``назва брандмауера FromWorld`` і використовуйте ``копіювати правило 10 до правила 20``, а потім змініть правило 20."
-#: ../../cli.rst:830
+#: ../../cli.rst:833
msgid "You can rollback configuration changes using the rollback command. This will apply the selected revision and trigger a system reboot."
msgstr "Ви можете скасувати зміни конфігурації за допомогою команди rollback. Це застосує вибрану версію та ініціює перезавантаження системи."
@@ -400,19 +400,23 @@ msgstr "Ви можете скасувати зміни конфігурації
msgid "You can scroll up with the keys ``[Shift]+[PageUp]`` and scroll down with ``[Shift]+[PageDown]``."
msgstr "Ви можете прокручувати вгору за допомогою клавіш ``[Shift]+[PageUp]`` і прокручувати вниз за допомогою ``[Shift]+[PageDown]``."
-#: ../../cli.rst:747
+#: ../../cli.rst:504
+msgid "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+msgstr "You can specify a commit message with :cfgcmd:`commit comment <message>`."
+
+#: ../../cli.rst:750
msgid "You can specify the number of revisions stored on disk. N can be in the range of 0 - 65535. When the number of revisions exceeds the configured value, the oldest revision is removed. The default setting for this value is to store 100 revisions locally."
msgstr "Ви можете вказати кількість версій, що зберігаються на диску. N може бути в діапазоні від 0 до 65535. Коли кількість версій перевищує встановлене значення, найстаріша версія видаляється. За замовчуванням це значення зберігає 100 редакцій локально."
-#: ../../cli.rst:886
+#: ../../cli.rst:889
msgid "You can use the ``save`` and ``load`` commands if you want to manually manage specific configuration files."
msgstr "Ви можете використовувати команди ``save`` і ``load``, якщо ви хочете вручну керувати певними конфігураційними файлами."
-#: ../../cli.rst:874
+#: ../../cli.rst:877
msgid "You may find VyOS not allowing the secure connection because it cannot verify the legitimacy of the remote server. You can use the workaround below to quickly add the remote host's SSH fingerprint to your ``~/.ssh/known_hosts`` file:"
msgstr "Ви можете виявити, що VyOS не дозволяє безпечне з’єднання, оскільки не може перевірити легітимність віддаленого сервера. Щоб швидко додати відбиток SSH віддаленого хоста до вашого файлу ``~/.ssh/known_hosts``, ви можете скористатися наведеним нижче обхідним шляхом:"
-#: ../../cli.rst:927
+#: ../../cli.rst:930
msgid "You will be asked if you want to continue. If you accept, you will have to use :cfgcmd:`commit` if you want to make the changes active."
msgstr "Вас запитають, чи хочете ви продовжити. Якщо ви приймаєте, вам доведеться використовувати :cfgcmd:`commit`, якщо ви хочете зробити зміни активними."
@@ -420,19 +424,19 @@ msgstr "Вас запитають, чи хочете ви продовжити.
msgid "``b`` will scroll back one page"
msgstr "``b`` прокрутить на одну сторінку назад"
-#: ../../cli.rst:866
+#: ../../cli.rst:869
msgid "``ftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``ftp://<user> :<passwd> @<host> /<dir> ``"
-#: ../../cli.rst:870
+#: ../../cli.rst:873
msgid "``git+https://<user>:<passwd>@<host>/<path>``"
msgstr "``git+https://<user>:<passwd>@<host>/<path>``"
-#: ../../cli.rst:864
+#: ../../cli.rst:867
msgid "``http://<user>:<passwd>@<host>:/<dir>``"
msgstr "``http://<user>:<passwd>@<host>:/<dir>``"
-#: ../../cli.rst:865
+#: ../../cli.rst:868
msgid "``https://<user>:<passwd>@<host>:/<dir>``"
msgstr "``https://<user>:<passwd>@<host>:/<dir>``"
@@ -448,11 +452,11 @@ msgstr "Для скасування виводу можна використов
msgid "``return`` will scroll down one line"
msgstr "``return`` прокрутить на один рядок вниз"
-#: ../../cli.rst:868
+#: ../../cli.rst:871
msgid "``scp://<user>:<passwd>@<host>:/<dir>``"
msgstr "``scp://<user> :<passwd> @<host> :/<dir> ``"
-#: ../../cli.rst:867
+#: ../../cli.rst:870
msgid "``sftp://<user>:<passwd>@<host>/<dir>``"
msgstr "``sftp://<user> :<passwd> @<host> /<dir> ``"
@@ -460,7 +464,7 @@ msgstr "``sftp://<user> :<passwd> @<host> /<dir> ``"
msgid "``space`` will scroll down one page"
msgstr "``пробіл`` прокрутить на одну сторінку вниз"
-#: ../../cli.rst:869
+#: ../../cli.rst:872
msgid "``tftp://<host>/<dir>``"
msgstr "``tftp://<host> /<dir> ``"
diff --git a/docs/_locale/uk/configuration.pot b/docs/_locale/uk/configuration.pot
index cbdfead5..3f9e7bd2 100644
--- a/docs/_locale/uk/configuration.pot
+++ b/docs/_locale/uk/configuration.pot
@@ -4078,6 +4078,10 @@ msgstr "Створити `<user> ` для локальної автентифі
msgid "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
msgstr "Create ``172.18.201.0/24`` as a subnet within ``NET1`` and pass address of Unifi controller at ``172.16.100.1`` to clients of that subnet."
+#: ../../configuration/pki/index.rst:373
+msgid "Create a CA chain and leaf certificates"
+msgstr "Create a CA chain and leaf certificates"
+
#: ../../configuration/interfaces/bridge.rst:199
msgid "Create a basic bridge"
msgstr "Створіть базовий міст"
@@ -5839,6 +5843,7 @@ msgstr "Example synproxy"
#: ../../configuration/interfaces/macsec.rst:153
#: ../../configuration/interfaces/wireless.rst:541
#: ../../configuration/loadbalancing/reverse-proxy.rst:227
+#: ../../configuration/pki/index.rst:370
#: ../../configuration/policy/index.rst:46
#: ../../configuration/protocols/bgp.rst:1118
#: ../../configuration/protocols/isis.rst:336
@@ -6127,6 +6132,10 @@ msgstr "Спочатку на обох маршрутизаторах викон
msgid "First, one of the systems generate the key using the :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki>` command. Once generated, you will need to install this key on the local system, then copy and install this key to the remote router."
msgstr "Спочатку одна із систем генерує ключ за допомогою :ref:`generate pki openvpn shared-secret<configuration/pki/index:pki> ` команда. Після створення вам потрібно буде встановити цей ключ у локальній системі, а потім скопіювати та встановити цей ключ на віддалений маршрутизатор."
+#: ../../configuration/pki/index.rst:393
+msgid "First, we create the root certificate authority."
+msgstr "First, we create the root certificate authority."
+
#: ../../configuration/interfaces/openvpn.rst:176
msgid "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
msgstr "First, you need to generate a key by running ``run generate pki openvpn shared-secret install <name>`` from configuration mode. You can use any name, we will use ``s2s``."
@@ -8569,6 +8578,10 @@ msgstr "LNS часто використовуються для підключе
msgid "Label Distribution Protocol"
msgstr "Протокол розподілу етикеток"
+#: ../../configuration/pki/index.rst:447
+msgid "Lastly, we can create the leaf certificates that devices and users will utilise."
+msgstr "Lastly, we can create the leaf certificates that devices and users will utilise."
+
#: ../../configuration/interfaces/l2tpv3.rst:11
msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements."
msgstr "Layer 2 Tunneling Protocol Version 3 — це стандарт IETF, пов’язаний із L2TP, який можна використовувати як альтернативний протокол до :ref:`mpls` для інкапсуляції багатопротокольного трафіку зв’язку рівня 2 через IP-мережі. Як і L2TP, L2TPv3 надає послугу псевдодротового зв’язку, але масштабується відповідно до вимог оператора."
@@ -9428,6 +9441,10 @@ msgid "Multiple VLAN to VNI mappings can be configured against the same SVD. Thi
msgstr "Multiple VLAN to VNI mappings can be configured against the same SVD. This allows for a significant scaling of the number of VNIs since a separate VXLAN interface is no longer required for each VNI."
#: ../../configuration/system/host-name.rst:68
+msgid "Multiple aliases can be specified per host-name."
+msgstr "Multiple aliases can be specified per host-name."
+
+#: ../../configuration/system/host-name.rst:68
msgid "Multiple aliases can pe specified per host-name."
msgstr "Для кожного імені хоста можна вказати кілька псевдонімів."
@@ -11743,6 +11760,10 @@ msgstr "Сценарії"
msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly."
+#: ../../configuration/pki/index.rst:411
+msgid "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+msgstr "Secondly, we create the intermediary certificate authorities, which are used to sign the leaf certificates."
+
#: ../../configuration/service/ipoe-server.rst:186
#: ../../configuration/service/pppoe-server.rst:148
#: ../../configuration/vpn/l2tp.rst:191
@@ -16302,6 +16323,10 @@ msgstr "This configuration enables HTTP health checks on backend servers."
msgid "This configuration enables the TCP reverse proxy for the \"my-tcp-api\" service. Incoming TCP connections on port 8888 will be load balanced across the backend servers (srv01 and srv02) using the round-robin load-balancing algorithm."
msgstr "Ця конфігурація вмикає зворотний проксі TCP для служби &quot;my-tcp-api&quot;. Вхідні TCP-з’єднання на порт 8888 розподілятимуть навантаження між внутрішніми серверами (srv01 і srv02) за допомогою циклічного алгоритму балансування навантаження."
+#: ../../configuration/pki/index.rst:375
+msgid "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+msgstr "This configuration generates & installs into the VyOS PKI system a root certificate authority, alongside two intermediary certificate authorities for client & server certificates. These CAs are then used to generate a server certificate for the router, and a client certificate for a user."
+
#: ../../configuration/loadbalancing/reverse-proxy.rst:214
msgid "This configuration listen on port 80 and redirect incoming requests to HTTPS:"
msgstr "Ця конфігурація прослуховує порт 80 і перенаправляє вхідні запити на HTTPS:"
@@ -21057,6 +21082,22 @@ msgstr "``vnc`` - керування віртуальною мережею (VNC)
msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:"
msgstr "``vti`` - використовувати інтерфейс VTI для шифрування трафіку. Будь-який трафік, який надсилатиметься до інтерфейсу VTI, буде зашифровано та надсилатиметься цьому вузлу. Використання VTI робить конфігурацію IPSec набагато гнучкою та простішою в складних ситуаціях, а також дозволяє динамічно додавати/видаляти віддалені мережі, доступні через одноранговий пристрій, оскільки в цьому режимі маршрутизатору не потрібно створювати додаткові SA/політики для кожної віддаленої мережі:"
+#: ../../configuration/pki/index.rst:386
+msgid "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+msgstr "``vyos_cert`` is a leaf server certificate used to identify the VyOS router, signed by the server intermediary CA."
+
+#: ../../configuration/pki/index.rst:383
+msgid "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+msgstr "``vyos_client_ca`` and ``vyos_server_ca`` are intermediary certificate authorities, which are signed by the root CA."
+
+#: ../../configuration/pki/index.rst:389
+msgid "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+msgstr "``vyos_example_user`` is a leaf client certificate used to identify a user, signed by client intermediary CA."
+
+#: ../../configuration/pki/index.rst:381
+msgid "``vyos_root_ca`` is the root certificate authority."
+msgstr "``vyos_root_ca`` is the root certificate authority."
+
#: ../../configuration/vpn/site2site_ipsec.rst:59
msgid "``x509`` - options for x509 authentication mode:"
msgstr "``x509`` - параметри режиму аутентифікації x509:"