Cisco MDS-9124 Troubleshooting Guide - Page 482
copy running-config startup-config, Step 6
View all Cisco MDS-9124 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 482 highlights
Digital Certificate Issues Chapter 24 Troubleshooting Digital Certificates Send documentation comments to [email protected] Step 6 Step 7 Step 8 Step 9 Vegas-1(config-trustpoint)# rsakeypair myKey Vegas-1(config-trustpoint)# exit Vegas-1(config)# do show crypto ca trustpoints trustpoint: myCA; key: myKey revokation methods: crl Vegas-1(config)# Use the copy running-config startup-config command to save the trust point and key pair. Download the CA certificate from the CA that you want to add as the trust point CA. Authenticate the CA that you want to enroll to the trust point. Vegas-1(config)# crypto ca authenticate myCA input (cut & paste) CA certificate (chain) in PEM format; end the input with a line containing only END OF INPUT : -----BEGIN CERTIFICATE----MIIC4jCCAoygAwIBAgIQBWDSiay0GZRPSRIljK0ZejANBgkqhkiG9w0BAQUFADCB kDEgMB4GCSqGSIb3DQEJARYRYW1hbmRrZUBjaXNjby5jb20xCzAJBgNVBAYTAklO MRIwEAYDVQQIEwlLYXJuYXRha2ExEjAQBgNVBAcTCUJhbmdhbG9yZTEOMAwGA1UE ChMFQ2lzY28xEzARBgNVBAsTCm5ldHN0b3JhZ2UxEjAQBgNVBAMTCUFwYXJuYSBD QTAeFw0wNTA1MDMyMjQ2MzdaFw0wNzA1MDMyMjU1MTdaMIGQMSAwHgYJKoZIhvcN AQkBFhFhbWFuZGtlQGNpc2NvLmNvbTELMAkGA1UEBhMCSU4xEjAQBgNVBAgTCUth cm5hdGFrYTESMBAGA1UEBxMJQmFuZ2Fsb3JlMQ4wDAYDVQQKEwVDaXNjbzETMBEG A1UECxMKbmV0c3RvcmFnZTESMBAGA1UEAxMJQXBhcm5hIENBMFwwDQYJKoZIhvcN AQEBBQADSwAwSAJBAMW/7b3+DXJPANBsIHHzluNccNM87ypyzwuoSNZXOMpeRXXI OzyBAgiXT2ASFuUOwQ1iDM8rO/41jf8RxvYKvysCAwEAAaOBvzCBvDALBgNVHQ8E BAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJyjyRoMbrCNMRU2OyRhQ GgsWbHEwawYDVR0fBGQwYjAuoCygKoYoaHR0cDovL3NzZS0wOC9DZXJ0RW5yb2xs L0FwYXJuYSUyMENBLmNybDAwoC6gLIYqZmlsZTovL1xcc3NlLTA4XENlcnRFbnJv bGxcQXBhcm5hJTIwQ0EuY3JsMBAGCSsGAQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEB BQUAA0EAHv6UQ+8nE399Tww+KaGr0g0NIJaqNgLh0AFcT0rEyuyt/WYGPzksF9Ea NBG7E0oN66zex0EOEfG1Vs6mXp1//w== -----END CERTIFICATE----- END OF INPUT Fingerprint(s): MD5 Fingerprint=65:84:9A:27:D5:71:03:33:9C:12:23:92:38:6F:78:12 Do you accept this certificate? [yes/no]:y Vegas-1(config)# Vegas-1(config)# do show crypto ca certificates Trustpoint: myCA CA certificate 0: subject= /[email protected]/C=IN/ST=Karnataka/L=Bangalore/O=Cisco/O U=netstorage/CN=Aparna CA issuer= /[email protected]/C=IN/ST=Karnataka/L=Bangalore/O=Cisco/OU =netstorage/CN=Aparna CA serial=0560D289ACB419944F4912258CAD197A notBefore=May 3 22:46:37 2005 GMT notAfter=May 3 22:55:17 2007 GMT MD5 Fingerprint=65:84:9A:27:D5:71:03:33:9C:12:23:92:38:6F:78:12 purposes: sslserver sslclient ike Vegas-1(config)# Generate a certificate request for enrolling with that trust point. Vegas-1(config)# crypto ca enroll myCA Create the certificate request .. Create a challenge password. You will need to verbally provide this password to the CA Administrator in order to revoke your certificate. For security reasons your password will not be saved in the configuration. Please make a note of it. Password:nbv123 The subject name in the certificate will be: Vegas-1.cisco.com 24-8 Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x OL-9285-05