Importing Certificates
Import certificates issued by the CA server into service nodes.
echo password | /home/omm/haf-install/haf-dir/tools/haf-tool cert --server <ca_server_ip> --path <ca_server_path> --user <ca_server_user> --import
[root@agent3]# /home/omm/haf-install/haf-target/tools/haf-tool cert --server xx.xx.xx.xx --path /home/ca_server/ --user root --import please enter passwd: [transfer ca.crt Success] [verify ca.crt Success] SHA1 Fingerprint=D9:16:7C:E2:86:D0:EB:51:DF:F4:BA:CF:9E:A3:60:38:D0:23:F7:58 [transfer target crt Success] [verify target crt Success] [delete target csr Success]
For example, after the preceding steps are performed for an offload node, check whether the updated service.crt file exists in the /home/omm/haf-install/haf-target/cert directory.
- haf-dir indicates the installation directory.
- If haf-dir is set to haf-host, it indicates the host node.
- If haf-dir is set to haf-target, it indicates the service installation on the offload node.
- If haf-dir is set to haf-offload, it indicates the library installation on the offload node.
- The script parameters are described as follows:
- ca_server_ip: IP address of the CA server for issuing certificates.
- ca_server_path: Certificate issuing path of the CA server.
- ca_server_user: User name for logging in to the CA server.
- During certificate import, the CA certificate of the remote CA server is also imported.
Parent topic: Configure Certificates