diff options
| author | srividya0208 <a.srividya@vyos.io> | 2024-02-20 12:05:12 -0500 | 
|---|---|---|
| committer | srividya0208 <a.srividya@vyos.io> | 2024-02-20 12:05:12 -0500 | 
| commit | e93c4723c7667864867cfbffb74c7239cbee9e6c (patch) | |
| tree | deaf9ea52b05f6aa1db3ad70ed6df8b398f514e0 /docs/configuration | |
| parent | ef69ba431c9ebd7929f6205db6ef6d09a200ade4 (diff) | |
| download | vyos-documentation-e93c4723c7667864867cfbffb74c7239cbee9e6c.tar.gz vyos-documentation-e93c4723c7667864867cfbffb74c7239cbee9e6c.zip | |
Op-mode:Added information about import to pki functionality
Diffstat (limited to 'docs/configuration')
| -rw-r--r-- | docs/configuration/pki/index.rst | 33 | 
1 files changed, 31 insertions, 2 deletions
| diff --git a/docs/configuration/pki/index.rst b/docs/configuration/pki/index.rst index 1fea13ac..a42e286e 100644 --- a/docs/configuration/pki/index.rst +++ b/docs/configuration/pki/index.rst @@ -118,12 +118,12 @@ OpenVPN  .. opcmd:: generate pki openvpn shared-secret -  Genearate a new OpenVPN shared secret. The generated secred is the output to +  Genearate a new OpenVPN shared secret. The generated secret is the output to    the console.  .. opcmd:: generate pki openvpn shared-secret install <name> -  Genearate a new OpenVPN shared secret. The generated secred is the output to +  Genearate a new OpenVPN shared secret. The generated secret is the output to    the console.    .. include:: pki_cli_import_help.txt @@ -248,6 +248,35 @@ certificates used by services on this router.    If CA is present, this certificate will be included in generated CRLs +Import files to PKI format +--------------------------  +VyOS provides this utility to import existing certificates/key files directly  +into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the  +/config folder permanently and will be retained post upgrade. + +.. opcmd:: import pki ca <name> file <Path to CA certificate file> + +  Import the public CA certificate from the defined file to VyOS CLI. + +.. opcmd:: import pki ca <name> key-file <Path to private key file>  + +  Import the CAs private key portion to the CLI. This should never leave the  +  system as it is used to decrypt the data. The key is required if you use  +  VyOS as your certificate generator. + +.. opcmd:: import pki certificate <name> file <path to certificate> + +  Import the certificate from the file to VyOS CLI. + +.. opcmd:: import pki certificate <name> key-file <path to private key> + +  Import the private key of the certificate to the VyOS CLI. This should never +  leave the system as it is used to decrypt the data. + +.. opcmd:: import pki openvpn shared-secret <name> file <path to OpenVPN secret key> + +  Import the OpenVPN shared secret stored in file to the VyOS CLI. +  ACME  ^^^^ | 
