Certificate Management Commands

nv show system security ca-certificate

	nv show system security ca-certificate Display owned CA certificates.
Syntax Description	N/A
Default	N/A
History	25.02.2002 25.02.3000 Updated command output
Example	`admin@nvos:~$ nv show system security ca-certificate Certificate ID Serial Number Valid From Valid To Summary -------------- --------------------------------- ------------------------- ------------------------- ------------------------ ca_id_168 43:69:66:63:11:75:31:00:95:03:96: 2025-02-18T16:06:37+02:00 2026-02-18T16:06:37+02:00 count: 1 Installed: nvue-rest-api`
REST API	GET https://<ip>/nvue_v1/system/security/ca-certificate/
Related Commands	nv action import system security ca-certificate {cacert id}
Notes

nv show system security certificate

	nv show system security certificate Display owned certificates.
Syntax Description	N/A
Default	N/A
History	25.02.2002 25.02.3000 Updated command output
Example	`admin@nvos:~$ nv show system security certificate Certificate ID Serial Number Valid From Valid To Summary -------------- ------------------------- ------------------------- ------------------------- ------------------------ cert_id_396 5A:A6:4C:4A:8C:B8:9A:89:8 2025-02-18T16:06:37+02:00 2026-02-18T16:06:37+02:00 Installed: nvue-rest-api Installed: gnmi-server`
REST API	GET https://<ip>/nvue_v1/system/security/ca-certificate/
Related Commands	nv action import system security certificate {cacert id}
Notes

nv show system security crl

	nv show system security crl Display owned certificates.
Syntax Description	N/A
Default	N/A
History	25.02.2002 25.02.3000 Updated command output
Example	`admin@nvos:~$nv show system security crl ID Issuer CRL Number Last Update Count Revoked Summary ---------------- ------- ---------- -------------------- ----- ------- ---------------------- crl_01 Root CA 1 Mar 26 09:04:38 2025 1 1 Installed: gnmi-server`
REST API	GET https://<ip>/nvue_v1/system/security/crl/
Related Commands	nv action import system security crl {crl id}
Notes

nv action delete system security ca-certificate

	nv action delete system security ca-certificate <cacert-id> Delete system security CA certificate.
Syntax Description	cacert-id	CA certificate ID removed during import
Default	N/A
History	25.02.2002
Example	`admin@nvos:~$ nv action delete system security ca-certificate {cacert id}`
REST API	DELETE https://<ip>/nvue_v1/system/security/ca-certificate/{cacert id}
Related Commands	nv action import system security ca-certificate {cacert id}
Notes

nv action delete system security certificate

	nv action delete system security certificate <cert-id> Delete system security CA certificate.
Syntax Description	cert-id	Certificate ID removed during import
Default	N/A
History	25.02.2002
Example	`admin@nvos:~$ nv action delete system security certificate {cert id}`
REST API	DELETE https://<ip>/nvue_v1/system/security/certificate/{cert id}
Related Commands	nv action import system security certificate {cert id}
Notes

nv action import system security ca-certificate

	nv action import system security ca-certificate <cacert-id> <uri {remote-url} \| data> <remote-url \| cacert-data> [external-ca] Import system security CA certificate bundle.
Syntax Description	cacert-id	Unique CA Certificate ID that was named by the user
	uri	A local/remote URI from where the certificate file (containing the public-key) can be retrieved. Supports: ftp, scp and sftp (e.g., scp://user[:password]@hostname/path/filename, file:///absolute-path/filename)
	data	The raw data bytes (e.g., PEM string) of the CA certificates bundle.
	remote-url	A local/remote URI from where the certificate file (containing the CA certificate bundle) can be retrieved.
	external_ca	Optional parameter to import certificate without appending it to system CA certificates bundle at `/etc/ssl/certs/ca-certificates.crt`.
Default	N/A
History	25.02.2002
Example	`admin@nvos:~$ nv action import system security ca-certificate tls-cert-1 uri scp://user:pass@1.2.3.4:/ca-cert.crt` `admin@nvos:~$ nv action import system security ca-certificate tls-cert-1 uri file:///ca-cert.crt` `admin@nvos:~$ nv action import system security ca-certificate tls-cert-1 data "<CA-certificate>"`  `admin@nvos:~$ nv action import system security ca-certificate tls-cert-1 uri scp://user:pass@1.2.3.4:/ca-cert.crt external`
REST API	POST https://<ip>/nvue_v1/system/security/ca-certificate/{cacert-id}
Related Commands	nv action delete system security ca-certificate {cacert-id} nv show sys security ca-certificate
Notes

nv action import system security certificate

	nv action import system security certificate <cert-id> <uri-public-key <uri-path> uri-private-key <uri-path> \| uri-bundle <uri-path> [passphrase] \| data> Import system security certificate.
Syntax Description	cert-id	Unique Certificate ID that was named by the user
	uri-public-key	A local/remote URI from where the public key file can be retrieved.
	uri-private-key	A local/remote URI from where the private key file can be retrieved.
	uri-bundle	A local/remote URI from where the certificate file containing the certificate bundle can be retrieved. Needs to be in .p12 format.
	uri-path	A local/remote URI from where the certificate file (containing the CA certificate bundle) can be retrieved.
	data	The raw data bytes (e.g., PEM string) of the certificates bundle
	passphrase	Optional passphrase if certificate bundle is passphrase protected
Default	N/A
History	25.02.2002
Example	`admin@nvos:~$ nv action import system security certificate tls-cert-1 passphrase mypassphrase uri-bundle scp://user:pass@1.2.3.4:/opt/certs/cert.p12`  `admin@nvos:~$ nv action import system security certificate tls-cert-1 passphrase mypassphrase uri-bundle file:///opt/certs/cert.p12` `admin@nvos:~$ nv action import system security certificate tls-cert-1 uri-public-key scp://user:pass@1.2.3.4:/opt/certs/public uri-private-key scp://user:pass@1.2.3.4:/opt/certs/private` `admin@nvos:~$ nv action import system security certificate tls-cert-1 uri-public-key file:///opt/certs/public uri-private-key file:///opt/certs/private` `admin@nvos:~$ nv action import system security certificate tls-cert-1 data "<certificate>"`
REST API	POST https://<ip>/nvue_v1/system/security/certificate/{cert-id}
Related Commands	nv action delete system security certificate nv show sys security certificate
Notes

nv action import system security crl

	nv action import system security crl <crl-id> <uri {remote-url}> Import system security CRL.
Syntax Description	crl-id	Unique CRL ID that was named by the user
	uri	A local/remote URI from where the certificate file (containing the public-key) can be retrieved. Supports: ftp, scp and sftp (e.g., scp://user[:password]@hostname/path/filename, file:///absolute-path/filename)
	remote-url	A local/remote URI from where the certificate file (containing the CA certificate bundle) can be retrieved.
Default	N/A
History	25.02.2002
Example	`admin@nvos:~$ nv action import system security crl crl-1 uri scp://user:pass@1.2.3.4:/crl_file.crl` `admin@nvos:~$ nv action import system security crl crl-1 uri file:///crl.crt`
REST API	POST https://<ip>/nvue_v1/system/security/crl/{crl-id}
Related Commands	nv action delete system security crl {crl-id} nv show system security crl
Notes

nv action delete system security crl

	nv action delete system security crl <crl-id> Delete system security CRL certificate.
Syntax Description	crl-id	CRL ID removed during import
Default	N/A
History	25.02.2002
Example	`admin@nvos:~$ nv action delete system security crl crl_01`
REST API	DELETE https://<ip>/nvue_v1/system/security/crl/{crl-id}
Related Commands	nv action import system security crl {crl id}
Notes

Last updated: June 01, 2026