UFM-SDN App CLI Guide
UFM-SDN App CLI Guide
Breadcrumbs

UFM Web Client

ufm web-client mode


ufm web-client mode <http | https | https-client-authentication>

Configures Access mode to the UFM web clients.

Syntax Description

http

HTTP access

https

HTTPS access

https-client-authentication

HTTPS access with client authentication

Default

http

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client mode https-client-authen

Related Commands

show ufm web-client
ufm web-client client-authentication
ufm web-client associate-user

Notes

The new mode is applied upon UFM start.

ufm web-client client-authentication ca-cert fetch


ufm web-client client-authentication ca-cert fetch <download-url>
no ufm web-client client-authentication ca-cert fetch <download-url>

Downloads a root/intermediate certificates file from a remote host or a USB device.
The no form of the command deletes the root/intermediate certificate file from the hard disk.

Syntax Description

download-url

The URL path from where the image file can be downloaded. Supported protocols: http, https, ftp, tftp, scp, sftp and usb. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

Default

N/A

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication certificate fetch scp://root@10.10.32.12/tmp/ca-intermediate.crt

Related Commands

show ufm web-client
ufm web-client mode
ufm web-client associate-user

Notes


ufm web-client client-authentication associate-user


ufm web-client client-authentication associate-user <san> <username>
no ufm web-client client-authentication associate-user <san> <username>

Associates client certificate subject alternative name with a UFM user.
The no form of the command disassociates client certificate subject alternative name from a UFM user.

Syntax Description

san

Client certificate subject alternative name

username

UFM username

Default

N/A

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client associate-user ufm.mellanoxhpc.net ufmsysadmin

Related Commands

show ufm web-client
ufm web-client mode
ufm web-client client-authentication

Notes


show ufm web-client


show ufm web-client

Displays UFM web client settings.

Syntax Description

N/A

Default

N/A

Configuration Mode

Any configuration mode

History

1.5

Example

 
ufmapl [ mgmt-ha-active ] (config) # show ufm web-client
  Mode: HTTPS
  Client authentication: Yes

  Bootstrap certificate file: Present
  CA certificate file: Present
  Server certificate file: Present

  Server certificate hostname: ufm.mellanoxhpc.net

  User Associations:
    SAN:  ufm.mellanoxhpc.net
    User: ufmsysadmin

  Certificate Auto-refresh:
    Enabled: Yes
    CA certificate URL: https://mellanox.com/cacert
    Server certificate URL: https://mellanox.com/servercerts
    Server certificate thumbprint: 2268BDD79DF7FD9C818EB97F315AE0F35D223A15
    Last checked: 2019-04-20 20:57:21
    Last update: 2019-04-20 20:57:21

Related Commands

ufm web-client mode
ufm web-client client-authentication
ufm web-client associate-user

Notes


ufm web-client server-cert hostname


ufm web-client server-cert hostname <hostname>
no ufm web-client server-cert hostname <hostname>

Sets the hostname used to access the UFM web client.
The no form of the command deletes the server certificate hostname used to access the UFM web client.

Syntax Description

hostname

Hostname used to access the UFM web client

Default

N/A

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client server-cert hostname ufm.mellanoxhpc.net

Related Commands

show ufm web-client

Notes

Multiple hostnames may be configured.

ufm web-client server-cert fetch


ufm web-client server-cert fetch <download-url>
no ufm web-client server-cert fetch <download-url>

Downloads a server certificate file from a remote host or a USB device.
The no form of the command deletes the server certificate file from the hard disk.

Syntax Description

download-url

The URL path from where the image file can be downloaded. Supported protocols: http, https, ftp, tftp, scp, sftp and usb. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

Default

N/A

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client server-cert fetch scp://admin@192.168.1.10/tmp/certs/server.pfx

Related Commands

show ufm web-client

Notes


ufm web-client client-authentication cert-refresh enable


ufm web-client client-authentication cert-refresh enable
no ufm web-client client-authentication cert-refresh enable

Enables UFM web client certificates auto-refresh.
The no form of the command disables the feature.

Syntax Description

N/A

Default

N/A

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh enable

Related Commands

show ufm web-client

Notes


ufm web-client client-authentication cert-refresh ca-cert


ufm web-client client-authentication cert-refresh ca-cert <download-url>
no ufm web-client client-authentication cert-refresh ca-cert <download-url>

Sets the download URL for root/intermediate certificate.
The no form of the command clears the root/intermediate certificate auto-refresh settings.

Syntax Description

download-url

Download URL for root/intermediate certificate

Default

N/A

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh ca-cert "https://mellanox.com/cacerts"

Related Commands

show ufm web-client

Notes


ufm web-client client-authentication cert-refresh self-client-cert fetch


ufm web-client client-authentication cert-refresh self-client-cert fetch <download-url> <password>
no ufm web-client client-authentication cert-refresh self-client-cert fetch <download-url> <password>

Downloads a bootstrap certificate file from a remote host or a USB device.
The no form on the command deletes the bootstrap certificate file from the hard disk.

Syntax Description

download-url

http, https, ftp, tftp, scp, sftp and usb are supported. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

password

Bootstrap certificate password

Default

N/A

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh self-client-cert fetch scp://admin@192.168.1.10/tmp/certs/bootstrap.pfx "UMm6gF8bGR81+yUScXpVEnr8Q4t4Svcyy6UkHK8oolv1GF1wyreTHjdsWBcIUYH1TRgQt2yguvDs4wrcRIbGGQ=="

Related Commands

show ufm web-client
ufm web-client client-authentication cert-refresh self-client-cert password-file fetch

Notes


ufm web-client client-authentication cert-refresh self-client-cert password-file fetch


ufm web-client client-authentication cert-refresh self-client-cert password-file fetch <download-uri>
no ufm web-client client-authentication cert-refresh self-client-cert password-file fetch <download-uri>

Fetches a bootstrap certificate password file (containing a password to be used to open a bootstrap certificate) rather than having to supply a cleartext password while fetching the bootstrap certificate.
The no form on the command deletes the bootstrap certificate password file from the hard disk.

Syntax Description

download-uri

http, https, ftp, tftp, scp, sftp and usb are supported. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

Default

N/A

Configuration Mode

config

History

4.3.0

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh self-client-cert password-file fetch scp://admin@192.168.1.10/tmp/certs/bootstrap.txt

Related Commands

show ufm web-client
ufm web-client client-authentication cert-refresh self-client-cert fetch

Notes


ufm web-client client-authentication cert-refresh server-cert


ufm web-client client-authentication cert-refresh server-cert <url> <thumbprint>
no ufm web-client client-authentication cert-refresh server-cert <url> <thumbprint>

Sets the download URL for server and bootstrap certificates.
The no form of the command clears the server and bootstrap certificates auto-refresh settings.

Syntax Description

url

http, https, ftp, tftp, scp, sftp and usb are supported. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

thumbprint

Server certificate thumbprint

Default

N/A

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh server-cert "https://mellanox.com/servercerts" 2268BDD79DF7FD9C818EB97F315AE0F35D223A15

Related Commands

show ufm web-client

Notes


ufm web-client client-authentication cert-refresh run-now


ufm web-client client-authentication cert-refresh run-now

Refreshes the server and root/intermediate certificates manually.

Syntax Description

N/A

Default

N/A

Configuration Mode

config

History

1.5

Example

 
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh run-now

Related Commands

show ufm web-client

Notes


ufm ws-address


ufm ws-address <address>

Sets the web server external address.

Syntax Description

N/A

Default

N/A

Configuration Mode

config

History

1.6

Example

 
ufmapl [ mgmt-sa ] (config) # ufm ws-address 172.10.30.16

Related Commands

show ufm ws-address

Notes


show ufm ws-address


show ufm ws-address <address>

Displays the web server external address.

Syntax Description

address

Web server external address

Default

N/A

Configuration Mode

Any configuration mode

History

1.6

Example

 
ufmapl [mgmt-sa] (config) # show ufm ws-address
Web server external address:    UNDEFINED

Related Commands

ufm ws-address

Notes


Last updated: