1
If you are using TFTP for enrollment, the URL must be in the form tftp://certserver/file_specification. (The file specification is optional.)
TFTP enrollment sends the enrollment request and retrieves the certificate of the CA and the certificate of the
router. If the file specification is included in the URL, the router appends an extension to the file specification.
To change the CA URL, repeat the enrollment url command to overwrite the previous URL
Task ID
OperationsTask ID
read, writecrypto
Examples
The following example shows the absolute minimum configuration required to declare a CA:
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)#
crypto ca trustpoint myca
RP/0/RP0/CPU0:router(config-trustp)#
enrollment url http://ca.domain.com/certsrv/mscep/mscep.dll
Related Commands
DescriptionCommand
Allows the certificates of other peers to be accepted
without trying to obtain the appropriate CRL.
crl optional (trustpoint), on page 186
Configures a trusted point with a selected name.crypto ca trustpoint, on page 194
Specifies a dotted IP address that is included as an
unstructured address in the certificate request.
ip-address (trustpoint), on page 213
Cisco IOS XR System Security Command Reference for the Cisco CRS Router, Release 4.1
212 OL-24740-01
Public Key Infrastructure Commands
enrollment url