In addition to the already listed config, firmware, and firmwarewithreset, the following table shows which files can be specifically read from the device and/or written to the device using SCP. These correspond to the files that are also available through WEBconfig file upload or download. When uploading, a password can optionally be provided using the LCS_PASSWORD environment variable.
| Mount point | Read | Write | Description |
|---|---|---|---|
| ssl_cert | Yes | Yes | SSL – certificate (*.pem, *.crt. *.cer [BASE64]) |
| ssl_privkey | No | Yes | SSL – private key (*.key [BASE64 unencrypted]) |
| ssl_rootcert | Yes | Yes | SSL – root CA certificate (*.pem, *.crt. *.cer [BASE64]) |
| ssl_pkcs12 | No | Yes | SSL – container as PKCS#12 file (*.pfx, *.p12) |
| ssh_rsakey | No | Yes | SSL – RSA key (*.key [BASE64 unencrypted]) |
| ssh_dsakey | No | Yes | SSL – DSA key (*.key [BASE64 unencrypted]) |
| ssh_authkeys | Yes | Yes | SSH – accepted public key |
| ssh_ed25519key | No | Yes | SSH – ED25519 key (*.key [BASE64 unencrypted]) |
| ssh_ed448key | No | Yes | SSH – ED448 key (*.key [BASE64 unencrypted]) |
| vpn_rootcert | Yes | Yes | VPN – root CA certificate (*.pem, *.crt. *.cer [BASE64]) |
| vpn_devcert | Yes | Yes | VPN – device certificate (*.pem, *.crt. *.cer [BASE64]) |
| vpn_devprivkey | No | Yes | VPN – private device key (*.key [BASE64 unencrypted]) |
| vpn_pkcs12 | No | Yes | VPN – container (VPN1) as PKCS#12 file (*.pfx, *.p12) |
| vpn_pkcs12_2 | No | Yes | VPN – container (VPN2) as PKCS#12 file (*.pfx, *.p12) |
| vpn_pkcs12_3 | No | Yes | VPN – container (VPN3) as PKCS#12 file (*.pfx, *.p12) |
| vpn_pkcs12_4 | No | Yes | VPN – container (VPN4) as PKCS#12 file (*.pfx, *.p12) |
| vpn_pkcs12_5 | No | Yes | VPN – container (VPN5) as PKCS#12 file (*.pfx, *.p12) |
| vpn_pkcs12_6 | No | Yes | VPN – container (VPN6) as PKCS#12 file (*.pfx, *.p12) |
| vpn_pkcs12_7 | No | Yes | VPN – container (VPN7) as PKCS#12 file (*.pfx, *.p12) |
| vpn_pkcs12_8 | No | Yes | VPN – container (VPN8) as PKCS#12 file (*.pfx, *.p12) |
| vpn_pkcs12_9 | No | Yes | VPN – container (VPN9) as PKCS#12 file (*.pfx, *.p12) |
| vpn_add_cas | No | Yes | VPN – add additional CA certificates (*.pfx, *.p12, *.pem, *.crt. *.cer [BASE64]) |
| eaptls_rootcert | Yes | Yes | EAP/TLS – root CA certificate (*.pem, *.crt. *.cer [BASE64]) |
| eaptls_devcert | Yes | Yes | EAP/TLS – device certificate (*.pem, *.crt. *.cer [BASE64]) |
| eaptls_privkey | No | Yes | EAP/TLS – private device key (*.key [BASE64 unencrypted]) |
| eaptls_pkcs12 | No | Yes | EAP/TLS – container as PKCS#12 file (*.pfx, *.p12) |
| radsec_rootcert | Yes | Yes | RADSEC – root CA certificate (*.pem, *.crt. *.cer [BASE64]) |
| radsec_devcert | Yes | Yes | RADSEC – device certificate (*.pem, *.crt. *.cer [BASE64]) |
| radsec_privkey | No | Yes | RADSEC – private device key (*.key [BASE64 unencrypted]) |
| radsec_pkcs12 | No | Yes | RADSEC – container as PKCS#12 file (*.pfx, *.p12) |
| radiuss_accnt_total | Yes | Yes | RADIUS server – summary accounting (*.csv) |
| scep_cert_list | Yes | Yes | SCEP-CA – certificate list |
| scep_cert_serial | Yes | Yes | SCEP-CA – serial number |
| scep_ca_backup | Yes | No | Backup for SCEP-CA – PKCS12 container |
| scep_ra_backup | Yes | No | Backup for SCEP-RA – PKCS12 container |
| scep_ca_pkcs12 | No | Yes | SCEP-CA – PKCS12 container |
| scep_ra_pkcs12 | No | Yes | SCEP-RA – PKCS12 container |
| pbspot_template_welcome | Yes | Yes | Public Spot – welcome page (*.html, *.htm) |
| pbspot_template_login | Yes | Yes | Public Spot – login page (*.html, *.htm) |
| pbspot_template_error | Yes | Yes | Public Spot – error page (*.html, *.htm) |
| pbspot_template_start | Yes | Yes | Public Spot – home page (*.html, *.htm) |
| pbspot_template_status | Yes | Yes | Public Spot – status page (*.html, *.htm) |
| pbspot_template_logoff | Yes | Yes | Public Spot – logoff page (*.html, *.htm) |
| pbspot_template_help | Yes | Yes | Public Spot – help page (*.html, *.htm) |
| pbspot_template_noproxy | Yes | Yes | Public Spot – no proxy page (*.html, *.htm) |
| pbspot_template_voucher | Yes | Yes | Public Spot – voucher page (*.html, *.htm) |
| pbspot_template_agb | Yes | Yes | Public Spot – GTC page (*.html, *.htm) |
| pbspot_formhdrimg | Yes | Yes | Public Spot – header image pages (*.gif, *.png, *.jpeg) |
| WLC_Script_1.lcs | Yes | Yes | CAPWAP – WLC_Script_1.lcs |
| WLC_Script_2.lcs | Yes | Yes | CAPWAP – WLC_Script_2.lcs |
| WLC_Script_3.lcs | Yes | Yes | CAPWAP – WLC_Script_3.lcs |
| default_pkcs12 | No | Yes | |
| rollout_wizard | No | Yes | |
| rollout_template | No | Yes | |
| rollout_logo | No | Yes | |
| hip_cert_0 | No | Yes | |
| issue | Yes | Yes | Text for display after command-line login (e.g.ASCII logos) |
| config | Yes | Yes | Importing and exporting configuration files |
| firmware | No | Yes | Uploading a firmware file to the passive firmware slot |
| firmwarewithreset | No | Yes | Like firmware, but with a subsequent configuration restart |
