Two-Factor Authentication commands 36
When the Onboard Administrator is operating in FIPS Mode, the minimum RSA key length is 2048 bits,
and the signature hash algorithm must be SHA1, SHA-224, SHA-256, SHA-384, or SHA-512.
REMOVE CA CERTIFICATE
• Command:
REMOVE CA CERTIFICATE "<certificate name>"
• Description:
• Removes the trust certificate corresponding to the SHA1 <certificate name>. Any users having their
certificates issued by this CA can no longer login if Two-Factor Authentication is enabled.
• Access level/Bay level:
OA administrator
• Restrictions:
None
REMOVE USER CERTIFICATE
• Command:
REMOVE USER CERTIFICATE "<user name>"
• Description:
Removes the user certificate. If Two-Factor Authentication is enabled, this user no longer has access
through HTTPS.
• Access level/Bay level:
OA administrator
• Restrictions:
None
SET USER CERTIFICATE
• Command:
SET USER CERTIFICATE "<user name>" <end marker> <\n> <certificate> <\n> <end
marker>
• Description:
Maps a certificate (for certificate-based authentication) to the specified Onboard Administrator user
account. To add the certificate:
a. Start with a string that does not appear within the certificate (the end marker).
b. Insert a newline character by pressing Enter.
c. Paste in the certificate.
d. Insert a newline character by pressing Enter.
e. Insert the end marker.
f. Issue the command by pressing Enter.
