Cisco MDS-9124 Troubleshooting Guide - Page 481
Configuring Certificates on the MDS Switch Using the CLI, Admin > Flash Files
View all Cisco MDS-9124 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 481 highlights
Chapter 24 Troubleshooting Digital Certificates Digital Certificate Issues Send documentation comments to [email protected] Step 10 Follow these steps to import the identity certificate: a. In Device Manager, choose Admin > Flash Files and select Copy, then select tftp from the Protocol radio buttons to tftp copy the CA certificate to bootflash. b. In Fabric Manager, choose Switches > Security > PKI and select the TrustPoint Actions tab. c. Select the certimport option from the Command drop-down menu to import an identity certificate in this trust point. Note The identity certificate should be available in PEM format in a file in bootflash. d. Enter the name of the certificate file that was copied to bootflash in the URL field in the bootflash:filename format. e. Click Apply Changes to save your changes. If successful, the values of the identity certificate and its related objects, like the certificate file name, are automatically updated with the appropriate values as per the corresponding attributes in the identity certificate. Configuring Certificates on the MDS Switch Using the CLI To configure certificates on an MDS switch using the CLI, follow these steps: Step 1 Configure the switch FQDN. switch# config t Enter configuration commands, one per line. switch(config)# switchname Vegas-1 Vegas-1(config)# End with CNTL/Z. Step 2 Configure the DNS domain name for the switch. Vegas-1(config)# ip domain-name cisco.com Vegas-1(config)# Step 3 Create a trust point. Vegas-1(config)# crypto ca trustpoint myCA Vegas-1(config-trustpoint)# exit Vegas-1(config)# do show crypto ca trustpoints trustpoint: myCA; key: revokation methods: crl Vegas-1(config)# Step 4 Create an RSA key pair for the switch. Vegas-1(config)# crypto key generate rsa label myKey exportable modulus 1024 Vegas-1(config)# do show crypto key mypubkey rsa key label: myKey key size: 1024 exportable: yes Vegas-1(config)# Step 5 Associate the RSA key pair to the trust point. Vegas-1(config)# crypto ca trustpoint myCA OL-9285-05 Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x 24-7