image image image image image

On This Page

ufm web-client mode


ufm web-client mode <http | https | https-client-authentication>

Configures Access mode to the UFM web clients.

Syntax DescriptionhttpHTTP access
httpsHTTPS access
https-client-authenticationHTTPS access with client authentication
Defaulthttp
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client mode https-client-authen
Related Commands

show ufm web-client
ufm web-client client-authentication
ufm web-client associate-user

NotesThe new mode is applied upon UFM start.

ufm web-client client-authentication ca-cert fetch


ufm web-client client-authentication ca-cert fetch <download-url>
no ufm web-client client-authentication ca-cert fetch <download-url>

Downloads a root/intermediate certificates file from a remote host or a USB device.
The no form of the command deletes the root/intermediate certificate file from the hard disk.

Syntax Descriptiondownload-urlThe URL path from where the image file can be downloaded. Supported protocols: http, https, ftp, tftp, scp, sftp and usb. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.
DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication certificate fetch scp://root@10.10.32.12/tmp/ca-intermediate.crt
Related Commands

show ufm web-client
ufm web-client mode
ufm web-client associate-user

Notes

ufm web-client client-authentication associate-user


ufm web-client client-authentication associate-user <san> <username>
no ufm web-client client-authentication associate-user <san> <username>

Associates client certificate subject alternative name with a UFM user.
The no form of the command disassociates client certificate subject alternative name from a UFM user.

Syntax DescriptionsanClient certificate subject alternative name
usernameUFM username
DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client associate-user ufm.mellanoxhpc.net ufmsysadmin
Related Commands

show ufm web-client
ufm web-client mode
ufm web-client client-authentication

Notes

show ufm web-client


show ufm web-client

Displays UFM web client settings.

Syntax DescriptionN/A
DefaultN/A
Configuration ModeAny configuration mode
History1.5
Example
ufmapl [ mgmt-ha-active ] (config) # show ufm web-client
  Mode: HTTPS
  Client authentication: Yes

  Bootstrap certificate file: Present
  CA certificate file: Present
  Server certificate file: Present

  Server certificate hostname: ufm.mellanoxhpc.net

  User Associations:
    SAN:  ufm.mellanoxhpc.net
    User: ufmsysadmin

  Certificate Auto-refresh:
    Enabled: Yes
    CA certificate URL: https://mellanox.com/cacert
    Server certificate URL: https://mellanox.com/servercerts
    Server certificate thumbprint: 2268BDD79DF7FD9C818EB97F315AE0F35D223A15
    Last checked: 2019-04-20 20:57:21
    Last update: 2019-04-20 20:57:21
Related Commands

ufm web-client mode
ufm web-client client-authentication
ufm web-client associate-user

Notes

ufm web-client server-cert hostname


ufm web-client server-cert hostname <hostname>
no ufm web-client server-cert hostname <hostname>

Sets the hostname used to access the UFM web client.
The no form of the command deletes the server certificate hostname used to access the UFM web client.

Syntax DescriptionhostnameHostname used to access the UFM web client
DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client server-cert hostname ufm.mellanoxhpc.net
Related Commands

show ufm web-client

NotesMultiple hostnames may be configured.

ufm web-client server-cert fetch


ufm web-client server-cert fetch <download-url>
no ufm web-client server-cert fetch <download-url>

Downloads a server certificate file from a remote host or a USB device.
The no form of the command deletes the server certificate file from the hard disk.

Syntax Descriptiondownload-urlThe URL path from where the image file can be downloaded. Supported protocols: http, https, ftp, tftp, scp, sftp and usb. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.
DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client server-cert fetch scp://admin@192.168.1.10/tmp/certs/server.pfx
Related Commands

show ufm web-client

Notes

ufm web-client client-authentication cert-refresh enable


ufm web-client client-authentication cert-refresh enable
no ufm web-client client-authentication cert-refresh enable

Enables UFM web client certificates auto-refresh.
The no form of the command disables the feature.

Syntax DescriptionN/A
DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh enable
Related Commands

show ufm web-client

Notes

ufm web-client client-authentication cert-refresh ca-cert


ufm web-client client-authentication cert-refresh ca-cert <download-url>
no ufm web-client client-authentication cert-refresh ca-cert <download-url>

Sets the download URL for root/intermediate certificate.
The no form of the command clears the root/intermediate certificate auto-refresh settings.

Syntax Descriptiondownload-urlDownload URL for root/intermediate certificate
DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh ca-cert "https://mellanox.com/cacerts"
Related Commands

show ufm web-client

Notes

ufm web-client client-authentication cert-refresh self-client-cert fetch


ufm web-client client-authentication cert-refresh self-client-cert fetch <download-url> <password>
no ufm web-client client-authentication cert-refresh self-client-cert fetch <download-url> <password>

Downloads a bootstrap certificate file from a remote host or a USB device.
The no form on the command deletes the bootstrap certificate file from the hard disk.

Syntax Descriptiondownload-urlhttp, https, ftp, tftp, scp, sftp and usb are supported. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.
passwordBootstrap certificate password
DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh self-client-cert fetch scp://admin@192.168.1.10/tmp/certs/bootstrap.pfx "UMm6gF8bGR81+yUScXpVEnr8Q4t4Svcyy6UkHK8oolv1GF1wyreTHjdsWBcIUYH1TRgQt2yguvDs4wrcRIbGGQ=="
Related Commands

show ufm web-client
ufm web-client client-authentication cert-refresh self-client-cert password-file fetch

Notes

ufm web-client client-authentication cert-refresh self-client-cert password-file fetch


ufm web-client client-authentication cert-refresh self-client-cert password-file fetch <download-uri>
no ufm web-client client-authentication cert-refresh self-client-cert password-file fetch <download-uri>

Fetches a bootstrap certificate password file (containing a password to be used to open a bootstrap certificate) rather than having to supply a cleartext password while fetching the bootstrap certificate.
The no form on the command deletes the bootstrap certificate password file from the hard disk.

Syntax Descriptiondownload-urihttp, https, ftp, tftp, scp, sftp and usb are supported. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.
DefaultN/A
Configuration Modeconfig
History4.3.0
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh self-client-cert password-file fetch scp://admin@192.168.1.10/tmp/certs/bootstrap.txt
Related Commands

show ufm web-client
ufm web-client client-authentication cert-refresh self-client-cert fetch

Notes

ufm web-client client-authentication cert-refresh server-cert


ufm web-client client-authentication cert-refresh server-cert <url> <thumbprint>
no ufm web-client client-authentication cert-refresh server-cert <url> <thumbprint>

Sets the download URL for server and bootstrap certificates.
The no form of the command clears the server and bootstrap certificates auto-refresh settings.

Syntax Descriptionurlhttp, https, ftp, tftp, scp, sftp and usb are supported. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.
thumbprintServer certificate thumbprint
DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh server-cert "https://mellanox.com/servercerts" 2268BDD79DF7FD9C818EB97F315AE0F35D223A15
Related Commands

show ufm web-client

Notes

ufm web-client client-authentication cert-refresh run-now


ufm web-client client-authentication cert-refresh run-now

Refreshes the server and root/intermediate certificates manually.

Syntax DescriptionN/A
DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh run-now
Related Commands

show ufm web-client

Notes

ufm ws-address


ufm ws-address <address>

Sets the web server external address.

Syntax DescriptionN/A
DefaultN/A
Configuration Modeconfig
History1.6
Example
ufmapl [ mgmt-sa ] (config) # ufm ws-address 172.10.30.16
Related Commands

show ufm ws-address

Notes

show ufm ws-address


show ufm ws-address <address>

Displays the web server external address.

Syntax DescriptionaddressWeb server external address
DefaultN/A
Configuration ModeAny configuration mode
History1.6
Example
ufmapl [mgmt-sa] (config) # show ufm ws-address
Web server external address:    UNDEFINED
Related Commands

ufm ws-address

Notes