EasyManuals Logo

Cisco 9134 - MDS Multilayer Fabric Switch User Manual

Cisco 9134 - MDS Multilayer Fabric Switch
560 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #485 background imageLoading...
Page #485 background image
Send documentation comments to mdsfeedback-doc@cisco.com
24-11
Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x
OL-9285-05
Chapter 24 Troubleshooting Digital Certificates
Digital Certificate Issues
Importing Certificate and RSA Key Pairs from Backup Using Fabric Manager
To import certificates and RSA key pairs from a PKCS#12 backup file using Fabric Manager, follow
these steps:
Step 1 Choose Switches > Security > PKI and select the TrustPointDetails tab to verify that the trust point is
empty.
Step 2 Optionally, follow these steps to empty the trust point:
a. Choose Switches > Security > PKI and select the TrustPoint tab.
b. Delete the RSA key pair from the Key Pair Name field and click Apply Changes.
c. Choose Switches > Security > PKI and select the TrustPoint Actions tab.
d. Select cadelete from the Command drop-down menu and click Apply Changes to delete the CA
certificate.
e. Select forcecertdelete from the Command drop-down menu and click Apply Changes to delete the
identity certificates.
Step 3 In Device Manager, choose Admin > Flash Files and select Copy to copy the PKCS#12 format file to
the switch bootflash.
Step 4 In Fabric Manager, choose Switches > Security > PKI and select the TrustPoint Actions tab.
Step 5 Select the pkcs12import option from the Command drop-down menu to import the key pair, identity
certificate, and the CA certificate or certificate chain in PKCS#12 format to the selected trust point.
Step 6 Enter the input in bootflash:filename format, for the PKCS#12 file.
Step 7 Enter the required password. The password is set for decoding the PKCS#12 data. On completion, the
imported data is available in bootflash in the specified file.
Step 8 Click Apply Changes to save the changes.
On completion the trust point is created in the RSA key pair table corresponding to the imported key
pair. The certificate information is updated in the trust point.
Note The trust point should be empty (no RSA key pair associated with it and no CA is associated with it using
CA authentication) for the PKCS#12 import to succeed.
Importing Certificate and RSA Key Pairs from Backup Using the CLI
To import certificates and RSA key pairs from a PKCS#12 backup file using the CLI, follow these steps:
Step 1 Use the show crypto ca trustpoints command to verify that the trust point is empty.
Step 2 Optionally, use the delete ca-certificate command in trust point config submode to remove the CA
certificate from the trust point.
switch(config)# crypto ca trustpoint myCA
switch(config-trustpoint)# delete ca-certificate

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 9134 - MDS Multilayer Fabric Switch and is the answer not in the manual?

Cisco 9134 - MDS Multilayer Fabric Switch Specifications

General IconGeneral
BrandCisco
Model9134 - MDS Multilayer Fabric Switch
CategorySwitch
LanguageEnglish

Related product manuals