To allow the gateway to connect to TLS syslog server the TLS server root certificate must be downloaded to the gateway using the copy scp root-ca syslog or copy usb root-ca syslog CLI commands. If the syslog server also verifies the client identity then an appropriate identity certificate and private key in PKCS #12 format must be downloaded to the gateway using the copy scp gw-identity syslog or copy usb gw-identity syslog. Use the show logging server condition CLI command to verify that the syslog server is enabled and the gateway is connected to the syslog server.
Name |
Description |
certificate-options syslog |
Certificate validations for syslog. |
set validate-alternate-name |
Enable or disable alternate name validation for peer certificates. |
set validate-common-name |
Enable or disable common name validation for peer certificates. |
set validate-expiration |
Configure certificate expiration validation for peer certificates. |
show certificate-options |
Displays the certificate options. |
show certificate-options syslog |
Displays the certificate options for syslog. |
copy scp root-ca syslog |
Copy and install a trusted certificate for syslog. |
copy usb root-ca syslog |
Copy and install a trusted certificate for syslog. |
erase root-ca syslog |
Remove a trusted root certificate for syslog. |
show root-ca syslog |
List all trusted certificate for syslog. |
copy scp gw-identity syslog |
Copy and install a X.509 identity certificate with private key syslog. |
copy usb gw-identity syslog |
Copy and install a X.509 identity certificate with private key syslog. |
erase gw-identity syslog |
Erase the identity certificate for syslog. |
show gw-identity syslog |
Show the identity certificate for syslog. |
