Importing a syslog ca certificate – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual
Page 73
Network OS NETCONF Operations Guide
41
53-1003231-02
Syslog server setup
3
<edit-config>
<target>
<running/>
</target>
<config>
<logging xmlns="urn:brocade.com:mgmt:brocade-ras">
<syslog-server>
<syslogip>192.168.163.233</syslogip>
<secure xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
operation="delete"/>
</syslog-server>
<syslog-server>
<syslogip>192.168.163.236</syslogip>
<secure/>
<port>2001</port>
</syslog-server>
</logging>
</config>
</edit-config>
</rpc>
<rpc-reply message-id="323" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
Importing a syslog CA certificate
You must install a syslog CA certificate for secure syslog to function correctly. You do not need to
import a syslog CA certificate to log messages in non-secure mode.
You can install only one syslog CA certificate. This procedure returns an error if a syslog CA
certificate is already installed.
1. Issue the <syslogca> action located in the <certutil>/<import> node in the
urn:brocade.com:mgmt:brocade-certutil namespace.
2. Under the <syslogca> node, include the following leaf elements to specify the input
parameters.
a. In the <protocol> element, specify either SCP or FTP to identify the protocol to be used for
importing the certificate.
b. In the <user> element, enter the login user name for the remote server where the
certificate resides.
c. In the <password> element, enter the password for the user account.
d. In the <host> element, enter the IPv4 address of the remote host.
e. In the <directory> element, specify the path to the directory that contains the certificate
file on the remote host.
f.
In the <file> element, specify the certificate filename.
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="324">
<action xmlns:nca="http://tail-f.com/ns/netconf/actions/1.0">
<data>
<certutil xmlns="urn:brocade.com:mgmt:brocade-certutil">
<import>
<syslogca>
<protocol>SCP</protocol>