
Syslog certificate is added successfully but is not displayed by the seccertmgmt show command

Category:
fabric-interconnect-and-management-switches
Specialty:
brocade

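Environment

  • Brocade switch

Issue

  • When a syslog certificate is imported from a server to the switch using the switch CLI, it is shown as Empty during verification.
  • The syslog certificate is added successfully, but it is not displayed by the "seccertmgmt show" command.
  • The issue persists even after rebooting the switch with hareboot.
  • Deleting and reinstalling the certificate was attempted, but the issue still persists.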

swirtch-a:FID128:admin> seccertmgmt show -all
ssh private key:
   Exists

ssh public keys available for users:
   strun

Certificate Files:
--------------------------------------------------------------------------------------------------------------------
Protocol   Client CA                 Server CA                 SW                        CSR     PVT Key Passphrase
--------------------------------------------------------------------------------------------------------------------
FCAP       Empty                     NA                        Empty                     Empty   Empty   Empty
RADIUS     Empty                     Empty                     Empty                     Empty   Empty   NA
LDAP       Empty                     Empty                     Empty                     Empty   Empty   NA
RSA        NA                        Empty                     NA                        NA      NA      NA
FA         NA                        Empty                     NA                        NA      NA      NA
SYSLOG     Empty                     Empty                     Empty                     Exist   Exist   NA
HTTPS      NA                        Empty                     Exist                     Empty   Exist   NA
KAFKA      NA                        Empty                     NA                        NA      NA      NA
ASC        NA                        Empty                     NA                        NA      NA      NA

 

Switch-a:FID128:admin> seccertmgmt show -ca -server syslog
No syslog CA certificate found

Switch-a:FID128:admin> seccertmgmt import -ca -server syslog -protocol scp -ipaddr 10.239.91.xx -remotedir  /tmp/Brocade_FOS -certname certificate.pem -login xxxxx
Password:
Success: imported syslog server CA certificate [certificate.pem].

 

Switch-a:FID128:admin>seccertmgmt show -ca -server syslog
No syslog CA certificate found

 

Switch-a:FID128:admin> seccertmgmt delete -ca -server syslog

WARNING!!!
About to delete syslog CA certificate file(s)
Continue (yes, y, no, n): [no] y
Syslog server CA certificate does not exist

 


Switch-a:FID128:admin> seccertmgmt import -ca -server syslog -protocol scp -ipaddr 10.239.91.211 -remotedir  /tmp/Brocade_FOS -certname certificate.pem -login sharanoa
Password:
Success: imported syslog server CA certificate [certificate.pem].

 

Switch-a:FID128:admin> seccertmgmt show -ca -server syslog
No syslog CA certificate found

 

 

  • The supportsave logs of the affected switch show that the syslog-ng.conf file does not contain an IP address, whereas it is present on the working switch.
  • A soft link exists in the /etc/syslog-ng/ca.d directory:

switch-a:FID128> ls -l /etc/syslog-ng/ca.d
total 12
-rw-r----- 1 root admin 1245 Jan 29 17:39 172.21.210.xxx.csr
lrwxrwxrwx 1 root admin   6 Jan 29 18:57 48ccd5xx.0 -> ca.pem
-rw-r--r-- 1 root admin   0 Jan 29 18:57 ca.pem
lrwxrwxrwx 1 root admin   26 Aug  3  2023 f39d86xx.0 -> /etc/syslog-ng/ca.d/ca.pem
-r-------- 1 root admin 1704 Jan 29 17:36 pvt_key
-rw-r--r-- 1 root admin   58 Jan 29 18:57 syslog_link_hash
