Security Admin
These are the security key-related and certificate utility commands. Only Security Admin users can use these commands.
KEY
 |
Note1: Log on with Admin or Security Admin user privileges to perform this procedure. Note2: + select one parameter from list. * Required parameter. |
The OLT security portion of the CLI menus is used to manage and edit security information. It allows adding a device certificate to the OLT with it's private key and public certificate. It also allows management of trust anchors which control what certificates the OLT will trust. The OLT is delivered with a set of Tellabs signed certificates that are used by default.
- Command Path - ont security
- Action -
- key - SSL Certificate Utility
- edit - Edit/Import device certificate stored on NE
-
*ont-id= - [MDS slot]-[PON port]-[ONT ID]
-
*passphrase= - passphrase for decrypt/encrypt of certificate (Must be 4 or more alpha numberic characters)
- + pem - Specifies PEM certificate storage format
- + pkcs12 - Specifies PKCS12 certificate storage format.
- + terminal - Manually paste the certificate via terminal input (Must be in PEM format)
- + url - URL to download the certificates from. e.g: https://[username[:password]@]location[:port][/path]/filename.
-
- edit - Edit/Import device certificate stored on NE
- key - SSL Certificate Utility
Example Scripts:
ont security> key edit pem url [passphrase=<pass phrase>] _ |
ont security> key edit pem url https://<username>:<password>@<ems ip address>:8090/certificates/anchor/ <filename.pem> passphrase=<pass_phrase> _ |
PKI CA Trust Point
Manage and edit Public Key Infrastructure (PKI) Certificate Authority Trust Point.
- Command Path - ont>security
- Action -
- pki-ca-trustpoint - Public Key Infrastructure Certificate Authority trust point management
- certificate - SSL Certificate Utility
- edit - Import Certificate stored on NE
- *ont-id= - [MDS slot]-[PON port]-[ONT ID]
- *passphrase= - passphrase for decrypt/encrypt of certificate (Must be 4 or more alpha numberic characters)
- +der - Specifies DER certificate storage format
- +pkcs12 - Specifies PKCS12 certificate storage format
- +terminal - Manually enter certificate via terminal input (Must be in PEM format)
-
+url= - URL to download the certificates form. e.g: https://[username[:password]@]location[:port][/path]/filename
- edit - Import Certificate stored on NE
- certificate - SSL Certificate Utility
- pki-ca-trustpoint - Public Key Infrastructure Certificate Authority trust point management
To apply the anchor certificates for the ONT, when the certificate type is pem, enter the following command:
ont security> pki-ca-trustpoint certificate edit pem url=https://<username>:<password>@ <ems ip address>:8090/certificates/anchor/<filename.pem> passphrase=<pass_phrase> _ |
Previous |
FEEDBACK: Are you happy with this material?
Thank you Your feedback helps us to continually improve our content.
On this page