From e93c4723c7667864867cfbffb74c7239cbee9e6c Mon Sep 17 00:00:00 2001 From: srividya0208 Date: Tue, 20 Feb 2024 12:05:12 -0500 Subject: Op-mode:Added information about import to pki functionality --- docs/configuration/pki/index.rst | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) (limited to 'docs/configuration/pki') diff --git a/docs/configuration/pki/index.rst b/docs/configuration/pki/index.rst index 1fea13ac..a42e286e 100644 --- a/docs/configuration/pki/index.rst +++ b/docs/configuration/pki/index.rst @@ -118,12 +118,12 @@ OpenVPN .. opcmd:: generate pki openvpn shared-secret - Genearate a new OpenVPN shared secret. The generated secred is the output to + Genearate a new OpenVPN shared secret. The generated secret is the output to the console. .. opcmd:: generate pki openvpn shared-secret install - Genearate a new OpenVPN shared secret. The generated secred is the output to + Genearate a new OpenVPN shared secret. The generated secret is the output to the console. .. include:: pki_cli_import_help.txt @@ -248,6 +248,35 @@ certificates used by services on this router. If CA is present, this certificate will be included in generated CRLs +Import files to PKI format +-------------------------- +VyOS provides this utility to import existing certificates/key files directly +into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the +/config folder permanently and will be retained post upgrade. + +.. opcmd:: import pki ca file + + Import the public CA certificate from the defined file to VyOS CLI. + +.. opcmd:: import pki ca key-file + + Import the CAs private key portion to the CLI. This should never leave the + system as it is used to decrypt the data. The key is required if you use + VyOS as your certificate generator. + +.. opcmd:: import pki certificate file + + Import the certificate from the file to VyOS CLI. + +.. opcmd:: import pki certificate key-file + + Import the private key of the certificate to the VyOS CLI. This should never + leave the system as it is used to decrypt the data. + +.. opcmd:: import pki openvpn shared-secret file + + Import the OpenVPN shared secret stored in file to the VyOS CLI. + ACME ^^^^ -- cgit v1.2.3