EasyManuals Logo

Cisco IOS XR User Manual

Cisco IOS XR
254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #20 background imageLoading...
Page #20 background image
Implementing Certification Authority Interoperability on Cisco IOS XR Software
How to Implement CA Interoperability
SC-8
Cisco IOS XR System Security Configuration Guide
DETAILED STEPS
Declaring a Certification Authority and Configuring a Trusted Point
This task declares a CA and configures a trusted point.
SUMMARY STEPS
1. configure
2. crypto ca trustpoint ca-name
3. enrollment url CA-URL
4. query url LDAP-URL
5. enrollment retry period minutes
6. enrollment retry count number
7. rsakeypair keypair-label
8. end
or
commit
Command or Action Purpose
Step 1
crypto key generate rsa [usage keys |
general-keys] [
keypair-label
]
Example:
RP/0/RP0/CPU0:router# crypto key generate rsa
general-keys
Generates RSA key pairs.
Use the usage keys keyword to specify special usage
keys; use the general-keys keyword to specify general-
purpose RSA keys.
The keypair-label argument is the RSA key pair label
that names the RSA key pairs.
Step 2
crypto key zeroize rsa [
keypair-label
]
Example:
RP/0/RP0/CPU0:router# crypto key zeroize rsa
key1
(Optional) Deletes all RSAs from the router.
Under certain circumstances, you may want to delete
all RSA keys from you router. For example, if you
believe the RSA keys were compromised in some way
and should no longer be used, you should delete the
keys.
To remove a specific RSA key pair, use the
keypair-label argument.
Step 3
show crypto key mypubkey rsa
Example:
RP/0/RP0/CPU0:router# show crypto key mypubkey
rsa
(Optional) Displays the RSA public keys for your router.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General IconGeneral
Operating SystemCisco IOS XR
ArchitectureMicrokernel
High AvailabilityYes
TypeNetwork operating system
Developed byCisco Systems
LicenseProprietary
Programming LanguageC, C++
KernelQNX
Supported PlatformsCisco ASR9000, NCS series
Security FeaturesRole-Based Access Control (RBAC), Secure Boot, Encryption
Management InterfaceCLI, SNMP, NETCONF, RESTCONF
Release Date2004
Target DevicesHigh-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported HardwareCisco routers and switches
Networking ProtocolsBGP, OSPF, IS-IS, MPLS
Virtualization SupportVirtualization-ready, supports network function virtualization (NFV) and containerization technologies.

Related product manuals