How to upload a certificate to device via SNMP for RADIUS authentication

For RADIUS authentication you need your SM to have a user-provisioned certificate. To upload this certificate via SNMP to SM, the following steps are required:

1. Check that SM is accessible and its SNMP options (community etc.) are configured.
2. Copy the content of CA certificate and paste it to the command like in the rough example below:

snmpset -v2c -c private 169.254.1.1 .1.3.6.1.4.1.17713.21.3.8.8.2.0 s "-----BEGIN CERTIFICATE-----
> MIIDyDCCArCgAwIBAgIBATANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJVUzER
> MA8GA1UECAwISWxsaW5vaXMxGDAWBgNVBAcMD1JvbGxpbmcgTWVhZG93czEZMBcG
> UkFESVVTLXRlc3QtQ0EwHhcNMjMwODE2MTQxMjM1WhcNMjcwODE2MTQxMjM1WjB9
> ZVBNUDEXMBUGA1UEAwwOUkFESVVTLXRlc3QtQ0EwggEiMA0GCSqGSIb3DQEBAQUA
> dFYPVWdQINrevWSX0wtSbS8MQ33WsB1DAAJpGsPatJawSgZsRO5NQlRoawp+eQe8
> J0W/964y36Q14AHyM//4pg4hDvNhTE5p0D/J5gOyV7b8W6oWTf6eAYXueokTYIbY
> 7N02b7WfYwP21B/k0avJW0qBIXleZqeJRTz/d9lHoaA0bfrBqPao3OdvNbx4Ayo/
> Z5+0fy++zgJmhip0
> -----END CERTIFICATE-----"

3. Apply the change

snmpset -v2c -c private 169.254.1.1 .1.3.6.1.4.1.17713.21.4.4.0 i 1

4. Save

snmpset -v2c -c private 169.254.1.1 .1.3.6.1.4.1.17713.21.4.3.0 i 1

5. And reboot

snmpset -v2c -c private 169.254.1.1 .1.3.6.1.4.1.17713.21.4.1.0 i 1

You may want to confirm if the certificate is set with snmpget command

snmpget -v2c -c private 169.254.1.1 .1.3.6.1.4.1.17713.21.3.8.8.2.0

And it should return the exact body of your uploaded certificate

iso.3.6.1.4.1.17713.21.3.8.8.2.0 = STRING: "-----BEGIN CERTIFICATE-----
MIIDyDCCArCgAwIBAgIBATANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJVUzER
MA8GA1UECAwISWxsaW5vaXMxGDAWBgNVBAcMD1JvbGxpbmcgTWVhZG93czEZMBcG
UkFESVVTLXRlc3QtQ0EwHhcNMjMwODE2MTQxMjM1WhcNMjcwODE2MTQxMjM1WjB9
ZVBNUDEXMBUGA1UEAwwOUkFESVVTLXRlc3QtQ0EwggEiMA0GCSqGSIb3DQEBAQUA
dFYPVWdQINrevWSX0wtSbS8MQ33WsB1DAAJpGsPatJawSgZsRO5NQlRoawp+eQe8
J0W/964y36Q14AHyM//4pg4hDvNhTE5p0D/J5gOyV7b8W6oWTf6eAYXueokTYIbY
7N02b7WfYwP21B/k0avJW0qBIXleZqeJRTz/d9lHoaA0bfrBqPao3OdvNbx4Ayo/
Z5+0fy++zgJmhip0
-----END CERTIFICATE-----
"

This example uses snmpget/snmpset linux commands from Net-Snmp, but it can easily be extended to the use of a MIB browser.