diff options
| author | srividya0208 <a.srividya@vyos.io> | 2024-02-20 12:05:12 -0500 |
|---|---|---|
| committer | srividya0208 <a.srividya@vyos.io> | 2024-02-20 12:05:12 -0500 |
| commit | e93c4723c7667864867cfbffb74c7239cbee9e6c (patch) | |
| tree | deaf9ea52b05f6aa1db3ad70ed6df8b398f514e0 | |
| parent | ef69ba431c9ebd7929f6205db6ef6d09a200ade4 (diff) | |
| download | vyos-documentation-e93c4723c7667864867cfbffb74c7239cbee9e6c.tar.gz vyos-documentation-e93c4723c7667864867cfbffb74c7239cbee9e6c.zip | |
Op-mode:Added information about import to pki functionality
| -rw-r--r-- | docs/configuration/pki/index.rst | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/docs/configuration/pki/index.rst b/docs/configuration/pki/index.rst index 1fea13ac..a42e286e 100644 --- a/docs/configuration/pki/index.rst +++ b/docs/configuration/pki/index.rst @@ -118,12 +118,12 @@ OpenVPN .. opcmd:: generate pki openvpn shared-secret - Genearate a new OpenVPN shared secret. The generated secred is the output to + Genearate a new OpenVPN shared secret. The generated secret is the output to the console. .. opcmd:: generate pki openvpn shared-secret install <name> - Genearate a new OpenVPN shared secret. The generated secred is the output to + Genearate a new OpenVPN shared secret. The generated secret is the output to the console. .. include:: pki_cli_import_help.txt @@ -248,6 +248,35 @@ certificates used by services on this router. If CA is present, this certificate will be included in generated CRLs +Import files to PKI format +-------------------------- +VyOS provides this utility to import existing certificates/key files directly +into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the +/config folder permanently and will be retained post upgrade. + +.. opcmd:: import pki ca <name> file <Path to CA certificate file> + + Import the public CA certificate from the defined file to VyOS CLI. + +.. opcmd:: import pki ca <name> key-file <Path to private key file> + + Import the CAs private key portion to the CLI. This should never leave the + system as it is used to decrypt the data. The key is required if you use + VyOS as your certificate generator. + +.. opcmd:: import pki certificate <name> file <path to certificate> + + Import the certificate from the file to VyOS CLI. + +.. opcmd:: import pki certificate <name> key-file <path to private key> + + Import the private key of the certificate to the VyOS CLI. This should never + leave the system as it is used to decrypt the data. + +.. opcmd:: import pki openvpn shared-secret <name> file <path to OpenVPN secret key> + + Import the OpenVPN shared secret stored in file to the VyOS CLI. + ACME ^^^^ |