< Home

Configuring Smart Upgrade

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ssl policy policy-name

    An SSL policy is created and the SSL policy view is displayed.

  3. Run trusted-ca load pem-caca-filename

    A CA certificate of the HOUP is loaded for the SSL policy.

    By default, no CA certificate is loaded for an SSL policy.

    • The CA certificate houp_root.cer of the HOUP is automatically generated after a switch starts without the need to import the certificate separately.

    • If the CA certificate is deleted by mistake or the CA certificate becomes invalid, you can create an SSL policy without the CA certificate using the ssl policy policy-name command. After this command is run, the system automatically returns to the system view. Then run the smart-upgrade verify-server disable command to temporarily disable the CA certificate verification function.

    • For device communication security purposes, you are not advised to disable the CA certificate verification function. After the CA certificate is invalid, obtain a new CA certificate from the HOUP (https://houp.huawei.com).

  4. Run quit

    Return to the system view.

  5. (Optional) Run smart-upgrade { url host | https-port https-port }

    The address and port number of the proxy server for smart upgrade are set.

    By default, url is houp.huawei.com and https-port is port 443.

    If the switch resides on an intranet, it cannot directly assess houp.huawei.com. Instead, it needs to be connected to a proxy server and transmit data to the HOUP through the proxy server.

  6. Run smart-upgrade ssl-policy policy-name

    The SSL policy is bound to smart upgrade.

    By default, no SSL policy is bound to smart upgrade.

    Before smart upgrade is enabled, an SSL policy must be bound because smart upgrade needs to establish connections with the HOUP using HTTPS.

  7. Run smart-upgrade enable

    Smart upgrade is enabled.

    By default, smart upgrade is disabled.

  8. (Optional) Run smart-upgrade information telephone phonevalue email emailvalue

    The contact number and email address for smart upgrade are set.

    By default, no contact number and email address are set for smart upgrade.

  9. (Optional) Run smart-upgrade web-prompt disable

    Web prompt for smart upgrade is disabled.

    By default, web prompt for smart upgrade is enabled.

    After this function is disabled, the web home page does not prompt the working status and latest software version information of smart upgrade.

Verifying the Configuration

  • Run the display ssl policy command to check configuration information about the SSL policy.
  • Run the display smart-upgrade information command to check details about smart upgrade.
Parent Topic: Smart Upgrade
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >