48-18
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 48 Configuring MACsec Encryption
Understanding MKA MACsec with EAP-TLS
% The key modulus size is 2048 bits
% Generating 2048 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 2 seconds)
Switch(config)# crypto pki trustpoint POLESTAR-IOS-CA
Switch(ca-trustpoint)# subject-name CN=catdevice@polestar.com, C=IN, ST=KA,
OU=ENG,O=Polestar
Switch(ca-trustpoint)# revocation-check none
Switch(ca-trustpoint)# rsakeypair mkaioscarsa
Switch(ca-trustpoint)# storage nvram:
Switch(ca-trustpoint)# end
Switch# configure terminal
Switch(config)# crypto pki authenticate POLESTAR-IOS-CA
Enter the base 64 encoded CA certificate.
End with a blank line or the word "quit" on a line by itself
!!PASTE THE CERTIFICATE CONTENT HERE AND END WITH ENTER!!
% Do you accept this certificate? [yes/no]: Yes
Trustpoint CA certificate accepted.
% Certificate successfully imported
Switch(config)# end
Switch# show crypto pki certificate POLESTAR-IOS-CA
CA Certificate
Status: Available
Certificate Serial Number (hex): 01
Certificate Usage: Signature
Issuer:
cn=POLESTAR-DHCP-CM.polestar.com
ou=ENG
Subject:
cn=POLESTAR-DHCP-CM.polestar.com
ou=ENG
Validity Date:
start date: 09:39:53 IST Apr 13 2016
end date: 09:39:53 IST Apr 13 2017
Associated Trustpoints: POLESTAR-IOS-CA
Switch# configure terminal
Switch(config)# crypto pki enroll POLESTAR-IOS-CA
% Start certificate enrollment ..
% The subject name in the certificate will include: CN=catdevice@polestar.com, C=IN,
ST=KA, OU=ENG,O=Polestar
% The subject name in the certificate will include: Device.polestar.com
% Include the router serial number in the subject name? [yes/no]: no
% Include an IP address in the subject name? [no]: no
Display Certificate Request to terminal? [yes/no]: yes
Certificate Request follows:
MIIC8TCCAdkCAQAwgYoxETAPBgNVBAoTCFBvbGVzdGFyMQwwCgYDVQQLEwNFTkcx
CzAJBgNVBAgTAktBMQswCQYDVQQGEwJJTjEfMB0GA1UEAwwWY2F0NDUwMHgxQHBv
bGVzdGFyLmNvbTEsMCoGCSqGSIb3DQEJAhYdUE9MRVNUQVItNDUwMFgtMS5wb2xl
c3Rhci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9gJrSiouv
yRr37Wf/i0MwWKr7VreQvQwSD3/Vr9YcVJ+8bULHcaB89wqF67Tlyuwqt1UgO/q9
Jr+qfP3anhvj5H0VRAl0wt/tvv66LLoH8y92/yb0dEY9h+DSRpFXQbUdQkIoYbkS
DnWZnuzvlOk4yKUAbslC3uZsrlnhIQz27bc/xlE0oigQxd0PjC82eZFt5EgwLO81
TzmaGsTnAUzWGQyhN6U97yDt0JXCmXIuND6uUXzZp1MDiRpNYjXwSWBZHaVEAFnF
tLBrtqA46eUj2b7iywqQ5WzqzSluPnw7ATo6sprj3TpQj2hLKihqfOPs8JK86Ow+
BGrp97PO5pllAgMBAAGgITAfBgkqhkiG9w0BCQ4xEjAQMA4GA1UdDwEB/wQEAwIF
oDANBgkqhkiG9w0BAQUFAAOCAQEAtOqEekXckNKy1+lWjy38AY7LHIiT0amQJ0SY
abw6P+SAlE+Ro6EbyS4gMPildjkDZSgaH/q9IdtmdG3GGz25CNXb0imK+2NroV+f
aOJZ6A19nqvdTz/OQ5LREcRlzfaeuNMnA2mzCpzyC0/kLQ6r040Uvz/GzPdmjWQh
sXRb57UFWffrOb1lC/7SsCo7HUcG1yCiYRFTKccHbLL/0+Q7yNHapWEZ0jaKAaj6
To Next Page
Loading...
Need help?
General
