tools system

system
+  aaa
   +  authentication
      +  session id number 
         +  disconnect 
+  app-management
   +  application name string 
      +  kill 
      +  quit 
      +  reload 
      +  restart
         +  cold 
         +  warm 
      +  start 
      +  statistics
         +  clear 
      +  stop 
+  boot
   +  golden-image
      +  clear 
      +  image string
+  cgroup
+  configuration
   +  candidate name string 
      +  clear 
   +  checkpoint id (number | checkpoint-name) 
      +  clear 
      +  load 
      +  revert 
   +  confirmed-accept 
   +  confirmed-reject 
   +  generate-checkpoint
      +  comment string
      +  name string
   +  rescue-clear 
   +  rescue-save 
   +  save 
   +  session id number 
      +  clear 
   +  upgrade
      +  checkpoint id (number | checkpoint-name) 
      +  file string
      +  rescue 
      +  startup 
+  dhcp-relay
   +  update-dns-entries 
+  dhcp-server
   +  network-instance name string 
      +  dhcpv4
         +  statistics
            +  clear 
      +  dhcpv6
         +  statistics
            +  clear 
+  event-handler
   +  instance name string 
      +  reload 
      +  statistics
         +  clear 
+  gnoi
   +  healthz
      +  chassis
         +  clear 
      +  clear 
      +  control
         +  clear 
         +  slot string
      +  fabric
         +  clear 
         +  slot number
      +  fan-tray
         +  clear 
         +  id number
      +  linecard
         +  clear 
         +  slot number
      +  power-supply
         +  clear 
         +  id number
      +  transceiver
         +  clear 
         +  interface string
+  gribi-server
   +  client id number 
      +  disconnect 
+  l2cp-transparency
   +  dot1x
      +  clear 
   +  l2cp-total-statistics
      +  clear 
   +  lacp
      +  clear 
   +  lldp
      +  clear 
   +  ptp
      +  clear 
   +  xstp
      +  clear 
+  lldp
   +  interface name string 
      +  statistics
         +  clear 
   +  statistics
      +  clear 
+  mirroring
   +  mirroring-instance name string 
      +  mirror-destination
         +  statistics
            +  clear 
+  p4rt-server
   +  client id number 
      +  disconnect 
+  packet-trace-base64
   +  interface string
   +  packet binary
+  sync
   +  ptp
      +  instance instance-number number 
         +  default-ds
            +  statistics
               +  clear 
            +  time-recovery-engine
               +  statistics
                  +  clear 
         +  ptp-port-ds port-number number 
            +  statistics
               +  clear 
      +  statistics
         +  clear 
+  tls
   +  generate-csr
      +  common-name string
      +  country string
      +  domain-names string
      +  email string
      +  ip-addresses (ipv4-address | ipv6-address)
      +  key-size number
      +  key-type keyword
      +  locality string
      +  organization string
      +  organization-unit string
      +  spiffe-id string
      +  state string
      +  type keyword
   +  generate-self-signed
      +  common-name string
      +  country string
      +  domain-names string
      +  duration number
      +  email string
      +  ip-addresses (ipv4-address | ipv6-address)
      +  key-size number
      +  key-type keyword
      +  locality string
      +  organization string
      +  organization-unit string
      +  spiffe-id string
      +  state string
      +  type keyword

system Descriptions

system

Description Enclosing container for system management.
Contextsystem
Treesystem
ConfigurableTrue
PlatformsSupported on all platforms

aaa

Description Top-level container for operational commands related to AAA
Contextsystem aaa
Treeaaa
ConfigurableTrue
PlatformsSupported on all platforms

authentication

Description Operational commands related to authentication
Contextsystem aaa authentication
Treeauthentication
ConfigurableTrue
PlatformsSupported on all platforms
session id number
Description List of active sessions in the system
Contextsystem aaa authentication session id number
Treesession
ConfigurableTrue
PlatformsSupported on all platforms

app-management

Description Operational commands related to app-management
Contextsystem app-management
Treeapp-management
ConfigurableTrue
PlatformsSupported on all platforms

application name string

Description List of all applications managed by the application manager
Contextsystem app-management application name string
Treeapplication
ConfigurableTrue
PlatformsSupported on all platforms
restart
Description

Restart the application instance

The best restart that is supported by the application is used if neither 'warm' or 'cold' is specified. If 'warm' restart is supported that will be used, or 'cold' if 'warm' is unavailable.

A 'warm' restart will result in the application leaving its state in IDB during the restart, and recovering it post restart. This restart type results in less disruption to surrounding applications that would depend on the restarting applications state.

A 'cold' restart will result in a normal stop/start of the application, including the purging of its state in IDB.

Contextsystem app-management application name string restart
Treerestart
ConfigurableTrue
PlatformsSupported on all platforms

boot

Description Top-level container for operational commands related to booting the system
Contextsystem boot
Treeboot
ConfigurableTrue
PlatformsSupported on all platforms

golden-image

Description Container for operational commands related to golden image
Contextsystem boot golden-image
Treegolden-image
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7250 IXR-6, 7220 IXR-H2, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-H3, 7250 IXR-10, 7220 IXR-H4, 7250 IXR-6e, 7220 IXR-D3, 7250 IXR-10e
clear
Description Unset the golden-image
Context system boot golden-image clear
Treeclear
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7250 IXR-6, 7220 IXR-H2, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-H3, 7250 IXR-10, 7220 IXR-H4, 7250 IXR-6e, 7220 IXR-D3, 7250 IXR-10e
image string
Description

Sets the golden image the system uses

This command selects an image to act as a golden-image to which the system reverts when a factory reset operation is requested.

Contextsystem boot golden-image image string
Treeimage
String Length1 to 255
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7250 IXR-6, 7220 IXR-H2, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-H3, 7250 IXR-10, 7220 IXR-H4, 7250 IXR-6e, 7220 IXR-D3, 7250 IXR-10e

cgroup

Description Top-level container for query commands related to cgroup in the system
Contextsystem cgroup
Treecgroup
ConfigurableTrue
PlatformsSupported on all platforms

configuration

Description Top-level container for operational commands related to the system configuration
Contextsystem configuration
Treeconfiguration
ConfigurableTrue
PlatformsSupported on all platforms

candidate name string

Description List of configuration candidates currently active
Contextsystem configuration candidate name string
Treecandidate
ConfigurableTrue
PlatformsSupported on all platforms
name string
Description The name of the candidate
Context system configuration candidate name string
String Length1 to 255
ConfigurableTrue
PlatformsSupported on all platforms
clear
Description

Clear the candidate from the system, discarding any changes

This results in any users currently in the candidate being dropped back to running mode.

Contextsystem configuration candidate name string clear
Treeclear
ConfigurableTrue
PlatformsSupported on all platforms

checkpoint id (number | checkpoint-name)

Description List of current checkpoints present in the system
Contextsystem configuration checkpoint id (number | checkpoint-name)
Treecheckpoint
ConfigurableTrue
PlatformsSupported on all platforms
id (number | checkpoint-name)
Description System generated ID, or operator defined name for the checkpoint
Contextsystem configuration checkpoint id (number | checkpoint-name)
ConfigurableTrue
PlatformsSupported on all platforms
load
Description Load candidate from saved checkpoint configuration
Contextsystem configuration checkpoint id (number | checkpoint-name) load
Treeload
ConfigurableTrue
PlatformsSupported on all platforms
revert
Description

Revert running system configuration to the saved checkpoint configuration

This functions as a load and commit action.

Contextsystem configuration checkpoint id (number | checkpoint-name) revert
Treerevert
ConfigurableTrue
PlatformsSupported on all platforms

generate-checkpoint

Description Generate a checkpoint point based on the current running configuration
Contextsystem configuration generate-checkpoint
Treegenerate-checkpoint
ConfigurableTrue
PlatformsSupported on all platforms

rescue-save

Description Save current running configuration as rescue configuration - rescue-config.json
Contextsystem configuration rescue-save
Treerescue-save
ConfigurableTrue
PlatformsSupported on all platforms

save

Description Save current running configuration as initial (startup) configuration - config.json
Contextsystem configuration save
Treesave
ConfigurableTrue
PlatformsSupported on all platforms

session id number

Description List of configuration sessions currently active
Contextsystem configuration session id number
Treesession
ConfigurableTrue
PlatformsSupported on all platforms
id number
Description System generated ID for the configuration session
Contextsystem configuration session id number
ConfigurableTrue
PlatformsSupported on all platforms
clear
Description Clear the session from the system, discarding any changes
Contextsystem configuration session id number clear
Treeclear
ConfigurableTrue
PlatformsSupported on all platforms

upgrade

Description Operational commands related to configuration upgrade
Contextsystem configuration upgrade
Treeupgrade
ConfigurableTrue
PlatformsSupported on all platforms
checkpoint id (number | checkpoint-name)
Description List of configuration checkpoints
Context system configuration upgrade checkpoint id (number | checkpoint-name)
Treecheckpoint
ConfigurableTrue
PlatformsSupported on all platforms
id (number | checkpoint-name)
Description System generated ID, or operator defined name for the checkpoint
Contextsystem configuration upgrade checkpoint id (number | checkpoint-name)
ConfigurableTrue
PlatformsSupported on all platforms
file string
Description System file path to a json configuration file
Contextsystem configuration upgrade file string
Treefile
ConfigurableTrue
PlatformsSupported on all platforms

dhcp-relay

Description Enable the dhcp-relay context
Context system dhcp-relay
Treedhcp-relay
ConfigurableTrue
PlatformsSupported on all platforms

update-dns-entries

Description

Update all dhcp-relay server domain name resolutions

A server host entry that cannot be resolved will be unavailable until it can be successfully resolved.

Contextsystem dhcp-relay update-dns-entries
Treeupdate-dns-entries
ConfigurableTrue
PlatformsSupported on all platforms

dhcp-server

Description Enable the dhcp-server context
Context system dhcp-server
Treedhcp-server
ConfigurableTrue
PlatformsSupported on all platforms

network-instance name string

Description List of network instances to run a dhcp server in
Contextsystem dhcp-server network-instance name string
Treenetwork-instance
ConfigurableTrue
PlatformsSupported on all platforms
dhcpv4
Description Enter the dhcpv4 context
Context system dhcp-server network-instance name string dhcpv4
Treedhcpv4
ConfigurableTrue
PlatformsSupported on all platforms
dhcpv6
Description Enter the dhcpv6 context
Context system dhcp-server network-instance name string dhcpv6
Treedhcpv6
ConfigurableTrue
PlatformsSupported on all platforms

event-handler

Description Top-level container for operational commands on event handler and event handling instances
Contextsystem event-handler
Treeevent-handler
ConfigurableTrue
PlatformsSupported on all platforms

instance name string

Description List of all event handler instances
Context system event-handler instance name string
Treeinstance
ConfigurableTrue
PlatformsSupported on all platforms
Max. Elements20
name string
Description A user-defined name for this event handler instance
Contextsystem event-handler instance name string
String Length1 to 255
ConfigurableTrue
PlatformsSupported on all platforms

gnoi

Description Top-level container for operational commands related to gNOI
Contextsystem gnoi
Treegnoi
ConfigurableTrue
PlatformsSupported on all platforms

healthz

Description gNOI Healthz tools commands
Context system gnoi healthz
Treehealthz
ConfigurableTrue
PlatformsSupported on all platforms
clear
Description Clear all healthz events
Context system gnoi healthz clear
Treeclear
ConfigurableTrue
PlatformsSupported on all platforms
fabric
Description Fabric module component
Context system gnoi healthz fabric
Treefabric
ConfigurableTrue
PlatformsSupported on all platforms
slot number
Description Numeric identifier for the fabric module
Contextsystem gnoi healthz fabric slot number
Treeslot
ConfigurableTrue
PlatformsSupported on all platforms
power-supply
Description Power supply component
Context system gnoi healthz power-supply
Treepower-supply
ConfigurableTrue
PlatformsSupported on all platforms
id number
Description Numeric identifier for the power supply module
Contextsystem gnoi healthz power-supply id number
Treeid
ConfigurableTrue
PlatformsSupported on all platforms
transceiver
Description Transceiver component
Context system gnoi healthz transceiver
Treetransceiver
ConfigurableTrue
PlatformsSupported on all platforms

gribi-server

Description Tools relating to the gRPC Routing Information Base Interface (gRIBI) service
Contextsystem gribi-server
Treegribi-server
ConfigurableTrue
Platforms7250 IXR-6e, 7250 IXR-10, 7250 IXR-6, 7250 IXR-10e

client id number

Description List of active gRIBI client sessions
Context system gribi-server client id number
Treeclient
ConfigurableTrue
Platforms7250 IXR-6e, 7250 IXR-10, 7250 IXR-6, 7250 IXR-10e
id number
Description System generated ID for for the client
Contextsystem gribi-server client id number
Range0 to 4294967295
ConfigurableTrue
Platforms7250 IXR-6e, 7250 IXR-10, 7250 IXR-6, 7250 IXR-10e

l2cp-transparency

Description Enable the l2cp-transparency context
Context system l2cp-transparency
Treel2cp-transparency
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3

dot1x

Description Enter the dot1x context
Context system l2cp-transparency dot1x
Treedot1x
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3
clear
Description Clears the statistics for the 802.1x Port based Network Access Control protocol.
Contextsystem l2cp-transparency dot1x clear
Treeclear
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3

l2cp-total-statistics

Description Enter the l2cp-total-statistics context
Contextsystem l2cp-transparency l2cp-total-statistics
Treel2cp-total-statistics
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3

lacp

Description Enter the lacp context
Context system l2cp-transparency lacp
Treelacp
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3
clear
Description Clears the statistics for Link Aggregation Control Protocol.
Contextsystem l2cp-transparency lacp clear
Treeclear
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3

lldp

Description Enter the lldp context
Context system l2cp-transparency lldp
Treelldp
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3
clear
Description Clears the statistics for Link Layer Discovery Protocol.
Contextsystem l2cp-transparency lldp clear
Treeclear
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3

ptp

Description Enter the ptp context
Context system l2cp-transparency ptp
Treeptp
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3
clear
Description Clears the statistics for the Precision Time Protocol .
Contextsystem l2cp-transparency ptp clear
Treeclear
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3

xstp

Description Enter the xstp context
Context system l2cp-transparency xstp
Treexstp
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3
clear
Description Clears the statistics for all the Spanning Tree Protocols.
Contextsystem l2cp-transparency xstp clear
Treeclear
ConfigurableTrue
Platforms7220 IXR-D5, 7220 IXR-D3L, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D4, 7220 IXR-D2, 7220 IXR-D3

lldp

Description Top-level container for LLDP tools
Context system lldp
Treelldp
ConfigurableTrue
PlatformsSupported on all platforms

interface name string

Description List of interfaces on which LLDP is enabled
Contextsystem lldp interface name string
Treeinterface
ConfigurableTrue
PlatformsSupported on all platforms
name string
Description Reference to a LLDP Ethernet interface
Contextsystem lldp interface name string
ConfigurableTrue
PlatformsSupported on all platforms

statistics

Description LLDP global statistics tools commands
Contextsystem lldp statistics
Treestatistics
ConfigurableTrue
PlatformsSupported on all platforms

mirroring

Description Enter the mirroring context
Context system mirroring
Treemirroring
ConfigurableTrue
Platforms7220 IXR-D5, 7250 IXR-10e, 7250 IXR-6e, 7220 IXR-D4

mirroring-instance name string

Description Enter the mirroring-instance list instance
Contextsystem mirroring mirroring-instance name string
Treemirroring-instance
ConfigurableTrue
Platforms7220 IXR-D5, 7250 IXR-10e, 7250 IXR-6e, 7220 IXR-D4
name string
Description A unique name identifying the mirroring instance
Contextsystem mirroring mirroring-instance name string
ConfigurableTrue
Platforms7220 IXR-D5, 7250 IXR-10e, 7250 IXR-6e, 7220 IXR-D4
mirror-destination
Description Configure mirror destination
Context system mirroring mirroring-instance name string mirror-destination
Treemirror-destination
ConfigurableTrue
Platforms7220 IXR-D5, 7250 IXR-10e, 7250 IXR-6e, 7220 IXR-D4

p4rt-server

Description Tools relating to the P4Runtime service
Contextsystem p4rt-server
Treep4rt-server
ConfigurableTrue
Platforms7250 IXR-6e, 7250 IXR-10, 7250 IXR-6, 7250 IXR-10e

client id number

Description List of active P4Runtime client sessions
Contextsystem p4rt-server client id number
Treeclient
ConfigurableTrue
Platforms7250 IXR-6e, 7250 IXR-10, 7250 IXR-6, 7250 IXR-10e
id number
Description System generated ID for for the client
Contextsystem p4rt-server client id number
Range0 to 4294967295
ConfigurableTrue
Platforms7250 IXR-6e, 7250 IXR-10, 7250 IXR-6, 7250 IXR-10e

packet-trace-base64

Description Tools command to report the forwarding behavior for a specified test packet (packet specified in base64 format)
Contextsystem packet-trace-base64
Treepacket-trace-base64
ConfigurableTrue
Platforms7220 IXR-D3L, 7250 IXR-6, 7220 IXR-H2, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D2, 7220 IXR-H3, 7250 IXR-10, 7220 IXR-H4, 7250 IXR-6e, 7220 IXR-D3, 7250 IXR-10e

interface string

Description References the configured name of the interface in which to inject the probe packet
Contextsystem packet-trace-base64 interface string
Treeinterface
ConfigurableTrue
Platforms7220 IXR-D3L, 7250 IXR-6, 7220 IXR-H2, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D2, 7220 IXR-H3, 7250 IXR-10, 7220 IXR-H4, 7250 IXR-6e, 7220 IXR-D3, 7250 IXR-10e

packet binary

Description Packet content encoded in base64 string format
Contextsystem packet-trace-base64 packet binary
Treepacket
ConfigurableTrue
Platforms7220 IXR-D3L, 7250 IXR-6, 7220 IXR-H2, 7220 IXR-D2L, 7220 IXR-D1, 7220 IXR-D2, 7220 IXR-H3, 7250 IXR-10, 7220 IXR-H4, 7250 IXR-6e, 7220 IXR-D3, 7250 IXR-10e

sync

Description Top-level grouping for sync operational commands
Contextsystem sync
Treesync
ConfigurableTrue
Platforms7220 IXR-D5

ptp

Description Grouping for ptp operational commands
Contextsystem sync ptp
Treeptp
ConfigurableTrue
Platforms7220 IXR-D5
instance instance-number number
Description Grouping for PTP instance operational commands
Contextsystem sync ptp instance instance-number number
Treeinstance
ConfigurableTrue
Platforms7220 IXR-D5
default-ds
Description The default data set of the PTP Instance In the context of the protocol, this data set is required for an Ordinary Clock or Boundary Clock
Contextsystem sync ptp instance instance-number number default-ds
Treedefault-ds
ConfigurableTrue
Platforms7220 IXR-D5
time-recovery-engine
Description Enter the time-recovery-engine context
Contextsystem sync ptp instance instance-number number default-ds time-recovery-engine
Treetime-recovery-engine
ConfigurableTrue
Platforms7220 IXR-D5
ptp-port-ds port-number number
Description Grouping for PTP Port DS operational commands
Contextsystem sync ptp instance instance-number number ptp-port-ds port-number number
Treeptp-port-ds
ConfigurableTrue
Platforms7220 IXR-D5

tls

Description Top-level container for operational commands related to TLS
Contextsystem tls
Treetls
ConfigurableTrue
PlatformsSupported on all platforms

generate-csr

Description

Generates a certificate signing request and key pair

Fields for the certificate are taken from OpenSSL defaults, with the exception of the common name, which is taken from the system host name and domain name combination.

Contextsystem tls generate-csr
Treegenerate-csr
ConfigurableTrue
PlatformsSupported on all platforms
common-name string
Description

The common name to use for the certificate signing request

By default the common name is set to the system host name and domain name combination.

Contextsystem tls generate-csr common-name string
Treecommon-name
String Length1 to 64
ConfigurableTrue
PlatformsSupported on all platforms
country string
Description

The country name to use for the certificate signing request

The expected format is two characters long, e.g. 'US'.

Contextsystem tls generate-csr country string
Treecountry
String Length2
DefaultUS
ConfigurableTrue
PlatformsSupported on all platforms
domain-names string
Description

Domain names to add to the SubjectAlternativeName field within the certificate signing request

These names are encoeded as DNS:<name> within the certificate SAN.

Contextsystem tls generate-csr domain-names string
Treedomain-names
String Length1 to 253
ConfigurableTrue
PlatformsSupported on all platforms
Max. Elements32
email string
Description The email address to use for the certificate signing request
Contextsystem tls generate-csr email string
Treeemail
String Length1 to 255
ConfigurableTrue
PlatformsSupported on all platforms
ip-addresses (ipv4-address | ipv6-address)
Description

IP addresses to add to the SubjectAlternativeName field within the certificate signing request

These addresses are encoded as IP:<ip> within the certificate SAN.

Contextsystem tls generate-csr ip-addresses (ipv4-address | ipv6-address)
Treeip-addresses
ConfigurableTrue
PlatformsSupported on all platforms
Max. Elements32
key-size number
Description The size of the private key to generate for the certificate signing request
Contextsystem tls generate-csr key-size number
Treekey-size
Range1024 to 16384
Default4096
ConfigurableTrue
PlatformsSupported on all platforms
key-type keyword
Description The type of private key to generate for the certificate signing request
Contextsystem tls generate-csr key-type keyword
Treekey-type
Defaultrsa
Options
  • rsa

ConfigurableTrue
PlatformsSupported on all platforms
locality string
Description The city or locality to use for the certificate signing request
Contextsystem tls generate-csr locality string
Treelocality
String Length1 to 255
ConfigurableTrue
PlatformsSupported on all platforms
organization string
Description The organization to use for the certificate signing request
Contextsystem tls generate-csr organization string
Treeorganization
String Length1 to 255
ConfigurableTrue
PlatformsSupported on all platforms
spiffe-id string
Description

A SPIFFE ID to use for the certificate signing request

This ID is in URI form, including the leading 'spiffe://', for example 'spiffe://srlinux.dev/sa/user'.

Contextsystem tls generate-csr spiffe-id string
Treespiffe-id
ConfigurableTrue
PlatformsSupported on all platforms
state string
Description The state or province to use for the certificate signing request
Contextsystem tls generate-csr state string
Treestate
String Length1 to 255
ConfigurableTrue
PlatformsSupported on all platforms
type keyword
Description The type of certificate to use for the certificate signing request
Contextsystem tls generate-csr type keyword
Treetype
Defaultx509
Options
  • x509

ConfigurableTrue
PlatformsSupported on all platforms

generate-self-signed

Description

Generates a self signed certificate and key pair

Fields for the self signed certificate are taken from OpenSSL defaults, with the exception of the common name, which is taken from the system host name and domain name combination.

Contextsystem tls generate-self-signed
Treegenerate-self-signed
ConfigurableTrue
PlatformsSupported on all platforms
common-name string
Description

The common name to use for the certificate signing request

By default the common name is set to the system host name and domain name combination.

Contextsystem tls generate-self-signed common-name string
Treecommon-name
String Length1 to 64
ConfigurableTrue
PlatformsSupported on all platforms
country string
Description

The country name to use for the certificate signing request

The expected format is two characters long, e.g. 'US'.

Contextsystem tls generate-self-signed country string
Treecountry
String Length2
DefaultUS
ConfigurableTrue
PlatformsSupported on all platforms
domain-names string
Description

Domain names to add to the SubjectAlternativeName field within the certificate signing request

These names are encoeded as DNS:<name> within the certificate SAN.

Contextsystem tls generate-self-signed domain-names string
Treedomain-names
String Length1 to 253
ConfigurableTrue
PlatformsSupported on all platforms
Max. Elements32
duration number
Description The time in which the certificate is valid
Contextsystem tls generate-self-signed duration number
Treeduration
Range1 to 3650
Default365
Unitsdays
Configurable True
PlatformsSupported on all platforms
email string
Description The email address to use for the certificate signing request
Contextsystem tls generate-self-signed email string
Treeemail
String Length1 to 255
ConfigurableTrue
PlatformsSupported on all platforms
ip-addresses (ipv4-address | ipv6-address)
Description

IP addresses to add to the SubjectAlternativeName field within the certificate signing request

These addresses are encoded as IP:<ip> within the certificate SAN.

Contextsystem tls generate-self-signed ip-addresses (ipv4-address | ipv6-address)
Treeip-addresses
ConfigurableTrue
PlatformsSupported on all platforms
Max. Elements32
key-size number
Description The size of the private key to generate for the certificate signing request
Contextsystem tls generate-self-signed key-size number
Treekey-size
Range1024 to 16384
Default4096
ConfigurableTrue
PlatformsSupported on all platforms
key-type keyword
Description The type of private key to generate for the certificate signing request
Contextsystem tls generate-self-signed key-type keyword
Treekey-type
Defaultrsa
Options
  • rsa

ConfigurableTrue
PlatformsSupported on all platforms
locality string
Description The city or locality to use for the certificate signing request
Contextsystem tls generate-self-signed locality string
Treelocality
String Length1 to 255
ConfigurableTrue
PlatformsSupported on all platforms
spiffe-id string
Description

A SPIFFE ID to use for the certificate signing request

This ID is in URI form, including the leading 'spiffe://', for example 'spiffe://srlinux.dev/sa/user'.

Contextsystem tls generate-self-signed spiffe-id string
Treespiffe-id
ConfigurableTrue
PlatformsSupported on all platforms
state string
Description The state or province to use for the certificate signing request
Contextsystem tls generate-self-signed state string
Treestate
String Length1 to 255
ConfigurableTrue
PlatformsSupported on all platforms
type keyword
Description The type of certificate to use for the certificate signing request
Contextsystem tls generate-self-signed type keyword
Treetype
Defaultx509
Options
  • x509

ConfigurableTrue
PlatformsSupported on all platforms