Lumeta Scouts do not have a Web interface, so you will need to use the command line interface (CLI) to set up PKI for CAC.
When you intend to use the CLI, you can either store the files on an SSH server and then simply upload the files using the CLI Certificate commands. This method uploads and places the files in one step.
The alternative is to use a tool such as pscp or psftp (available at the same place as PuTTY) to upload the files to Lumeta first. In this case, specify the path to the files in the CLI certificate commands without the “user@host:” prefix.
The examples that follow illustrate the first method.
Upload Your Company’s Root CA Certificates
Use the certificate ca install command to upload the CA certificates:
certificate ca install file-path
Upload User Certificates
Use the certificate user install command to upload user certificates.
certificate user install file-path userid
Upload SSH Keys
Use the certificate ssh install command to upload SSH keys.
certificate ssh install file-path userid
Enable PKI
Note: Do NOT enable PKI unless you have installed all of the certificates for it (i.e., CA, user, server, SSH).
Use the certificate pki command to check the status of PKI and to enable or disable PKI for the system.
certificate pki [ enable | disable ]
For the generic version of PuTTY and the psftp or pscp programs, see:
http://www.chiark.greenend.org.uk/~sgtatham/
putty/download.html
For a version of PuTTY that will let you
authenticate via CAC, see:
https://risacher.org/putty-cac/