
Syslog certificate added successfully but not listed by the seccertmgmt show command

Category: fabric-interconnect-and-management-switches
Specialty: brocade

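Applies to

  • Ports on Brocade switches

Issue

  • When the syslog certificate is imported from a server to the switch through the switch command-line interface, verification shows it as Empty.
  • The syslog certificate is added successfully, but it is not listed by the "seccertmgmt show" command.
  • The issue persists after performing hareboot and rebooting the switch.
  • Deleting and reinstalling the certificate was attempted, but the issue persists.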

swirtch-a:FID128:admin> seccertmgmt show -all
ssh private key:
   Exists

ssh public keys available for users:
   strun

Certificate Files:
--------------------------------------------------------------------------------------------------------------------
Protocol   Client CA                 Server CA                 SW                        CSR     PVT Key Passphrase
--------------------------------------------------------------------------------------------------------------------
FCAP       Empty                     NA                        Empty                     Empty   Empty   Empty
RADIUS     Empty                     Empty                     Empty                     Empty   Empty   NA
LDAP       Empty                     Empty                     Empty                     Empty   Empty   NA
RSA        NA                        Empty                     NA                        NA      NA      NA
FA         NA                        Empty                     NA                        NA      NA      NA
SYSLOG    Empty                    Empty                    Empty                    Exist   Exist   NA
HTTPS      NA                        Empty                     Exist                     Empty   Exist   NA
KAFKA      NA                        Empty                     NA                        NA      NA      NA
ASC        NA                        Empty                     NA                        NA      NA      NA

Switch-a:FID128:admin> seccertmgmt show -ca -server syslog
No syslog CA certificate found

Switch-a:FID128:admin> seccertmgmt import -ca -server syslog -protocol scp -ipaddr 10.239.91.xx -remotedir  /tmp/Brocade_FOS -certname certificate.pem -login xxxxx
Password:
Success: imported syslog server CA certificate [certificate.pem].

Switch-a:FID128:admin>seccertmgmt show -ca -server syslog
No syslog CA certificate found

Switch-a:FID128:admin> seccertmgmt delete -ca -server syslog

WARNING!!!
About to delete syslog CA certificate file(s)
Continue (yes, y, no, n): [no] y
Syslog server CA certificate does not exist

Switch-a:FID128:admin> seccertmgmt import -ca -server syslog -protocol scp -ipaddr 10.239.91.211 -remotedir  /tmp/Brocade_FOS -certname certificate.pem -login sharanoa
Password:
Success: imported syslog server CA certificate [certificate.pem].

Switch-a:FID128:admin> seccertmgmt show -ca -server syslog
No syslog CA certificate found

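  • The supportsave logs show that the IP address is missing from the syslog-ng.conf file on the affected switch, although it is present on a working switch.
  • A soft link exists in the /etc/syslog-ng/ca.d directory: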

switch-a:FID128> ls -l /etc/syslog-ng/ca.d
total 12
-rw-r----- 1 root admin 1245 Jan 29 17:39 172.21.210.xxx.csr
lrwxrwxrwx 1 root admin   6 Jan 29 18:57 48ccd5xx.0 -> ca.pem
-rw-r--r-- 1 root admin   0 Jan 29 18:57 ca.pem
lrwxrwxrwx 1 root admin   26 Aug  3  2023 f39d86xx.0 -> /etc/syslog-ng/ca.d/ca.pem
-r-------- 1 root admin 1704 Jan 29 17:36 pvt_key
-rw-r--r-- 1 root admin   58 Jan 29 18:57 syslog_link_hash
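
The listing above shows ca.pem at 0 bytes while both hash links point to it. As an added example (not from this KB article or from Brocade), the following Python check parses an "ls -l" capture of the ca.d directory, such as one taken from a supportsave, and flags hash links whose target is empty or absent; the function names and the embedded sample are constructed for illustration.

```python
import posixpath
import re

# Constructed sample: the `ls -l /etc/syslog-ng/ca.d` capture shown above.
SAMPLE = """\
total 12
-rw-r----- 1 root admin 1245 Jan 29 17:39 172.21.210.xxx.csr
lrwxrwxrwx 1 root admin   6 Jan 29 18:57 48ccd5xx.0 -> ca.pem
-rw-r--r-- 1 root admin   0 Jan 29 18:57 ca.pem
lrwxrwxrwx 1 root admin   26 Aug  3  2023 f39d86xx.0 -> /etc/syslog-ng/ca.d/ca.pem
-r-------- 1 root admin 1704 Jan 29 17:36 pvt_key
-rw-r--r-- 1 root admin   58 Jan 29 18:57 syslog_link_hash
"""

# Fields: mode, link count, owner, group, size, three date fields, name [-> target]
LINE = re.compile(
    r"^(?P<mode>[-dl][rwxsStT-]{9})\s+\d+\s+\S+\s+\S+\s+(?P<size>\d+)\s+"
    r"\S+\s+\S+\s+\S+\s+(?P<name>\S+)(?:\s+->\s+(?P<target>\S+))?$"
)

def parse_listing(text):
    """Map each file name to (type char, size in bytes, symlink target or None)."""
    entries = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:  # skips the "total N" line and anything unparseable
            entries[m["name"]] = (m["mode"][0], int(m["size"]), m["target"])
    return entries

def check_ca_dir(text, directory="/etc/syslog-ng/ca.d"):
    """Return (link, target, reason) for links whose target is missing or empty."""
    entries = parse_listing(text)
    findings = []
    for name, (kind, _size, target) in sorted(entries.items()):
        if kind != "l":
            continue
        # Resolve relative and absolute targets to a path under `directory`.
        resolved = posixpath.normpath(posixpath.join(directory, target))
        base = posixpath.basename(resolved)
        if posixpath.dirname(resolved) != directory or base not in entries:
            findings.append((name, target, "target not in listing"))
        elif entries[base][1] == 0:
            findings.append((name, target, "target is 0 bytes"))
    return findings

if __name__ == "__main__":
    for name, target, reason in check_ca_dir(SAMPLE):
        print(f"{name} -> {target}: {reason}")
```
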
