cm add-to-trust¶

cm add-to-trust(1) BIG-IP TMSH Manual cm add-to-trust(1)

NAME
add-to-trust - Add a device to a trust domain.

MODULE
cm

SYNTAX
Run the add-to-trust program within the cm module using the syntax in the following section. The trust-domain name 'Root'
is optional beginning version 13.0.0.

MODIFY
run add-to-trust [Root]
options:
[ ca-device | non-ca-device ]
device [string]
port [ port_number ]
device-name [string]
password [string]
username [string]

DESCRIPTION
You can use the add-to-trust command to add a device to a trust domain. This is an alternate helper command to the modify
trust-domain ca-devices|non-ca-devices add ... command.

EXAMPLES
run add-to-trust ca-device device 10.20.30.40 device-name peer1 username homer password illiad

Adds a device to the list of ca-devices in the trust domain.

OPTIONS
ca-device
Indicates that the added device is a certificate authority device.

device
Indicates the FQDN or the management-ip of the device being added to the trust domain

port Device port number if other than 443 when adding new device. This parameter is optional.

device-name
Used to specify the name of a new device.

md5-fingerprint
SSL certificate md5 fingerprint is deprecated beginning version 13.0.0. Use sha1-fingerprint.

non-ca-device
Indicates that the added device is a subordinate device. The target device cannot be used as a signing authority.

password
Specifies the password for a new device.

serial
SSL certificate serial number is deprecated beginning version 13.0.0. Use sha1-fingerprint.

sha1-fingerprint
Specifies the SSL certificate (DER format) sha1 fingerprint when verifying the identity of a new device. This field is
optional.

signature
SSL certificate signature is deprecated beginning version 13.0.0. Use sha1-fingerprint.

username
Specifies the user name required to log on to a device when adding the device to the trust domain. The user "root" is
invalid, and will be disallowed. Any user that has administrator privileges and can use iControl can be used here.