The trusted-ca load command loads the trusted CA file for the SSL policy for the FTP client.
By default, no trusted CA file is loaded for the SSL policy.
# Load the trusted CA file for the SSL policy in PFX format.
trusted-ca load pfx-ca ca-filename auth-code { auth-code | cipher auth-code }
| Parameter | Description | Value |
|---|---|---|
| pfx-ca | Load the trusted CA file for the SSL policy in PFX format. |
- |
| ca-filename | Specifies the name of the trusted CA file. The file is in the subdirectory of the system directory security. If the security directory does not exist in the system, create this directory. |
The value is a string of 1 to 64 characters. The file name is the same as that of the uploaded file. |
| auth-code auth-code | Specifies the verification code for the trusted CA file in PFX format. The authentication code verifies user identity to ensure that only authorized users can log in to the server. |
When the authentication code is in plain text, the value is a string of 1 to 31 case-sensitive characters without any space. |
Usage Scenario
CAs that are widely trusted in the world are called root CAs. Root CAs can authorize other lower-level CAs. The identity information about a CA is provided in the file of a trusted CA. To ensure the communication security and verify the server validity, you must run the trusted-ca load command to load the trusted CA file.
Prerequisites
Before running the trusted-ca load command, you have run the ssl policy command to create the SSL policy in the system view.
Precautions
A maximum of four trusted CA files can be loaded for an SSL policy.