NVIDIA UFM-SDN Appliance Command Reference Guide v4.10.1
v4.10.1

UFM Web Client

ufm web-client mode <http | https | https-client-authentication>

Configures Access mode to the UFM web clients.

Syntax Description

http

HTTP access

https

HTTPS access

https-client-authentication

HTTPS access with client authentication

Default

http

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client mode https-client-authen

Related Commands

show ufm web-client
ufm web-client client-authentication
ufm web-client associate-user

Notes

The new mode is applied upon UFM start.

ufm web-client client-authentication ca-cert fetch <download-url>
no ufm web-client client-authentication ca-cert fetch <download-url>

Downloads a root/intermediate certificates file from a remote host or a USB device.
The no form of the command deletes the root/intermediate certificate file from the hard disk.

Syntax Description

download-url

The URL path from where the image file can be downloaded. Supported protocols: http, https, ftp, tftp, scp, sftp and usb. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

Default

N/A

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication certificate fetch scp://root@10.10.32.12/tmp/ca-intermediate.crt

Related Commands

show ufm web-client
ufm web-client mode
ufm web-client associate-user

Notes

ufm web-client client-authentication associate-user <san> <username>
no ufm web-client client-authentication associate-user <san> <username>

Associates client certificate subject alternative name with a UFM user.
The no form of the command disassociates client certificate subject alternative name from a UFM user.

Syntax Description

san

Client certificate subject alternative name

username

UFM username

Default

N/A

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client associate-user ufm.mellanoxhpc.net ufmsysadmin

Related Commands

show ufm web-client
ufm web-client mode
ufm web-client client-authentication

Notes

show ufm web-client

Displays UFM web client settings.

Syntax Description

N/A

Default

N/A

Configuration Mode

Any configuration mode

History

1.5

Example

Copy
Copied!
            

ufmapl [ mgmt-ha-active ] (config) # show ufm web-client Mode: HTTPS Client authentication: Yes   Bootstrap certificate file: Present CA certificate file: Present Server certificate file: Present   Server certificate hostname: ufm.mellanoxhpc.net   User Associations: SAN: ufm.mellanoxhpc.net User: ufmsysadmin   Certificate Auto-refresh: Enabled: Yes CA certificate URL: https://mellanox.com/cacert Server certificate URL: https://mellanox.com/servercerts Server certificate thumbprint: 2268BDD79DF7FD9C818EB97F315AE0F35D223A15 Last checked: 2019-04-20 20:57:21 Last update: 2019-04-20 20:57:21

Related Commands

ufm web-client mode
ufm web-client client-authentication
ufm web-client associate-user

Notes

ufm web-client server-cert hostname <hostname>
no ufm web-client server-cert hostname <hostname>

Sets the hostname used to access the UFM web client.
The no form of the command deletes the server certificate hostname used to access the UFM web client.

Syntax Description

hostname

Hostname used to access the UFM web client

Default

N/A

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client server-cert hostname ufm.mellanoxhpc.net

Related Commands

show ufm web-client

Notes

Multiple hostnames may be configured.

ufm web-client server-cert fetch <download-url>
no ufm web-client server-cert fetch <download-url>

Downloads a server certificate file from a remote host or a USB device.
The no form of the command deletes the server certificate file from the hard disk.

Syntax Description

download-url

The URL path from where the image file can be downloaded. Supported protocols: http, https, ftp, tftp, scp, sftp and usb. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

Default

N/A

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client server-cert fetch scp://admin@192.168.1.10/tmp/certs/server.pfx

Related Commands

show ufm web-client

Notes

ufm web-client client-authentication cert-refresh enable
no ufm web-client client-authentication cert-refresh enable

Enables UFM web client certificates auto-refresh.
The no form of the command disables the feature.

Syntax Description

N/A

Default

N/A

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh enable

Related Commands

show ufm web-client

Notes

ufm web-client client-authentication cert-refresh ca-cert <download-url>
no ufm web-client client-authentication cert-refresh ca-cert <download-url>

Sets the download URL for root/intermediate certificate.
The no form of the command clears the root/intermediate certificate auto-refresh settings.

Syntax Description

download-url

Download URL for root/intermediate certificate

Default

N/A

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh ca-cert "https://mellanox.com/cacerts"

Related Commands

show ufm web-client

Notes

ufm web-client client-authentication cert-refresh self-client-cert fetch <download-url> <password>
no ufm web-client client-authentication cert-refresh self-client-cert fetch <download-url> <password>

Downloads a bootstrap certificate file from a remote host or a USB device.
The no form on the command deletes the bootstrap certificate file from the hard disk.

Syntax Description

download-url

http, https, ftp, tftp, scp, sftp and usb are supported. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

password

Bootstrap certificate password

Default

N/A

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh self-client-cert fetch scp://admin@192.168.1.10/tmp/certs/bootstrap.pfx "UMm6gF8bGR81+yUScXpVEnr8Q4t4Svcyy6UkHK8oolv1GF1wyreTHjdsWBcIUYH1TRgQt2yguvDs4wrcRIbGGQ=="

Related Commands

show ufm web-client
ufm web-client client-authentication cert-refresh self-client-cert password-file fetch

Notes

ufm web-client client-authentication cert-refresh self-client-cert password-file fetch <download-uri>
no ufm web-client client-authentication cert-refresh self-client-cert password-file fetch <download-uri>

Fetches a bootstrap certificate password file (containing a password to be used to open a bootstrap certificate) rather than having to supply a cleartext password while fetching the bootstrap certificate.
The no form on the command deletes the bootstrap certificate password file from the hard disk.

Syntax Description

download-uri

http, https, ftp, tftp, scp, sftp and usb are supported. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

Default

N/A

Configuration Mode

config

History

4.3.0

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh self-client-cert password-file fetch scp://admin@192.168.1.10/tmp/certs/bootstrap.txt

Related Commands

show ufm web-client
ufm web-client client-authentication cert-refresh self-client-cert fetch

Notes

ufm web-client client-authentication cert-refresh server-cert <url> <thumbprint>
no ufm web-client client-authentication cert-refresh server-cert <url> <thumbprint>

Sets the download URL for server and bootstrap certificates.
The no form of the command clears the server and bootstrap certificates auto-refresh settings.

Syntax Description

url

http, https, ftp, tftp, scp, sftp and usb are supported. Example: scp://username[:password]@hostname/path/filename, usb:/path/filename.

thumbprint

Server certificate thumbprint

Default

N/A

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh server-cert "https://mellanox.com/servercerts" 2268BDD79DF7FD9C818EB97F315AE0F35D223A15

Related Commands

show ufm web-client

Notes

ufm web-client client-authentication cert-refresh run-now

Refreshes the server and root/intermediate certificates manually.

Syntax Description

N/A

Default

N/A

Configuration Mode

config

History

1.5

Example

Copy
Copied!
            

ufmapl [mgmt-ha-active] (config) # ufm web-client client-authentication cert-refresh run-now

Related Commands

show ufm web-client

Notes

ufm ws-address <address>

Sets the web server external address.

Syntax Description

N/A

Default

N/A

Configuration Mode

config

History

1.6

Example

Copy
Copied!
            

ufmapl [ mgmt-sa ] (config) # ufm ws-address 172.10.30.16

Related Commands

show ufm ws-address

Notes

show ufm ws-address <address>

Displays the web server external address.

Syntax Description

address

Web server external address

Default

N/A

Configuration Mode

Any configuration mode

History

1.6

Example

Copy
Copied!
            

ufmapl [mgmt-sa] (config) # show ufm ws-address Web server external address: UNDEFINED

Related Commands

ufm ws-address

Notes

© Copyright 2023, NVIDIA. Last updated on Sep 6, 2023.