EasyManuals Logo
Home>Cisco>Network Router>ASR 5500

Cisco ASR 5500 User Manual

Cisco ASR 5500
508 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #447 background imageLoading...
Page #447 background image
rest auth-policy
This NETCONF Protocol Configuration mode command controls the level of verification the server does on
client certificates. CA (certificate authority) certificates can be configured using the existing ca-certificate
command in Global Configuration mode.
The command syntax is: rest auth-policy { none | peer | peer-fail }, where
none - No authentication performed.
peer - If the client does not provide a certificate, or the client provides a certificate and it is valid, the
connection is allowed. If the client provides a certificate that is not valid, the connection is aborted.
If peer is selected, CA certificates are recommended; otherwise, a client providing a
valid certificate cannot be authenticated and connection will fail.
Important
peer-fail - Server requires the client to supply a client certificate and will fail the connection if certificate
is not successfully validated.
If peer-fail is selected, one or more CA certificates must be present on the device;
otherwise, the REST interface will not be enabled.
Important
Use no rest auth-policy to set the auth-policy to none; no authentication will be performed.
A change to the REST interface auth-policy may result in a planned restart of ConfD and temporary loss
of connectivity over the NETCONF and REST (if still enabled) interfaces.
Changes to global certificates which ConfD is using while REST is enabled will also result in a restart of
ConfD.
Important
rest certificate
This NETCONF Protocol Configuration mode command configures certificate and private-key for REST
interface.
The command syntax is: rest certificate certificate_name, where certificate_name is an alphanumeric string
of 1 to 128 characters.
The certificate specified must to be present on the device. Certificate and the associated private-key can
be configured using the existing certificate command in Global Configuration mode.
Important
Use no rest certificate to remove any configured certificate and key. REST will not be operational without
a valid certificate and key.
ASR 5500 System Administration Guide, StarOS Release 21.4
415
NETCONF and ConfD
NETCONF Protocol Configuration Mode

Table of Contents

Other manuals for Cisco ASR 5500

Preview: System Administration Guide
System Administration Guide430 pages
Preview: Installation Guide
Installation Guide192 pages
Preview: Installation Procedure Overview
Installation Procedure Overview6 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASR 5500 and is the answer not in the manual?

Cisco ASR 5500 Specifications

General IconGeneral
BrandCisco
ModelASR 5500
CategoryNetwork Router
LanguageEnglish

Related product manuals