EasyManuals Logo

Cisco IOS XR User Manual

Cisco IOS XR
254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #175 background imageLoading...
Page #175 background image
Implementing Secure Socket Layer on Cisco IOS XR Software
How to Implement Secure Socket Layer
SC-163
Cisco IOS XR System Security Configuration Guide
Step 6
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-trustp)# end
or
RP/0/RP0/CPU0:router(config-trustp)# commit
Saves configuration changes.
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting(yes/no/cancel)?
[cancel]:
Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Step 7
crypto ca authenticate
ca-name
Example:
RP/0/RP0/CPU0:router# crypto ca authenticate
myca
This command authenticates the CA to your router by
obtaining the CA certificate, which contains the public key
for the CA.
When prompted, type y to accept the certificate.
Step 8
crypto ca enroll
ca-name
Example:
RP/0/RP0/CPU0:router# crypto ca enroll myca
Requests certificates for all of your RSA key pairs.
This command causes your router to request as many
certificates as there are RSA key pairs, so you need
only perform this command once, even if you have
special usage RSA key pairs.
This command requires you to create a challenge
password that is not saved with the configuration. This
password is required if your certificate needs to be
revoked, so you must remember this password.
A certificate may be issued immediately or the router
sends a certificate request every minute until the
enrollment retry period is reached and a timeout occurs.
If a timeout occurs, contact your system administrator
to get your request approved, and then enter this
command again.
Verify that the certificate has been granted by using the
show crypto ca certificates command.
Step 9
show crypto ca certificates
Example:
RP/0/RP0/CPU0:router# show crypto ca
certificates
Displays information about your certificate and the CA
certificate.
Command or Action Purpose

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General IconGeneral
Operating SystemCisco IOS XR
ArchitectureMicrokernel
High AvailabilityYes
TypeNetwork operating system
Developed byCisco Systems
LicenseProprietary
Programming LanguageC, C++
KernelQNX
Supported PlatformsCisco ASR9000, NCS series
Security FeaturesRole-Based Access Control (RBAC), Secure Boot, Encryption
Management InterfaceCLI, SNMP, NETCONF, RESTCONF
Release Date2004
Target DevicesHigh-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported HardwareCisco routers and switches
Networking ProtocolsBGP, OSPF, IS-IS, MPLS
Virtualization SupportVirtualization-ready, supports network function virtualization (NFV) and containerization technologies.

Related product manuals