EasyManuals Logo
Home>Cisco>Network Router>ASR 1013

Cisco ASR 1013 User Manual

Cisco ASR 1013
72 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #38 background imageLoading...
Page #38 background image
Page 38 of 72
4.6.4.3 Authenticating the Certificate Authority
The TOE must authenticate the CA by acknowledging its attributes match the publicly posted
fingerprint. The TOE administrator must verify that the output of the command below matches
the fingerprint of the CA on its public site.
1. Authenticate the CA: crypto ca authenticate trustpoint-name
Device (config)#crypto ca authenticate ciscotest
Certificate has the following attributes:
Fingerprint MD5: 8DE88FE5 78FF27DF 97BA7CCA 57DC1217
Fingerprint SHA1: 271E80EC 30304CC1 624EEE32 99F43AF8 DB9D0280
% Do you accept this certificate? [yes/no]: yes
Trustpoint CA certificate accepted.
4.6.4.4 Storing Certificates to a Local Storage Location
Certificates are stored to NVRAM by default; however, some routers do not have the required
amount of NVRAM to successfully store certificates. All Cisco platforms support NVRAM and
flash local storage. Depending on the platform, an authorized administrator may have other
supported local storage options including bootflash, slot, disk, USB flash, or USB token. During
run time, an authorized administrator can specify what active local storage device will be used to
store certificates. For more detailed information see the Public Key Infrastructure Configuration
Guide Guidance document section "How to Configure PKI Storage." -
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_pki/configuration/xe-3s/sec-pki-xe-
3s-book.pdf
4.6.4.4.1. How to Specify a Local Storage Location for Certificates
The summary steps for storing certificates locally to the TOE are as follows:
1. Enter configure terminal mode:
Device # configure terminal
2. Specify the local storage location for certificates: crypto pki certificate storage
location-name
Device(config)# crypto pki certificate storage flash:/certs
3. Exit:
Device(config)# exit
4. Save the changes made:
Device# copy system:running-config nvram:startup-config
5. Display the current setting for the PKI certificate storage location:
Device# show crypto pki certificates storage
The following is sample output from the show crypto pki certificates storage command, which
shows that the certificates are stored in the certs subdirectory of disk0:
Device# show crypto pki certificates storage
Certificates will be stored in disk0:/certs/

Table of Contents

Other manuals for Cisco ASR 1013

Preview: Replacing
Replacing120 pages
Preview: Hardware Installation Guide
Hardware Installation Guide702 pages
Preview: Quick Start Guide
Quick Start Guide36 pages
Preview: Installation Manual
Installation Manual42 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASR 1013 and is the answer not in the manual?

Cisco ASR 1013 Specifications

General IconGeneral
BrandCisco
ModelASR 1013
CategoryNetwork Router
LanguageEnglish

Related product manuals