EasyManuals Logo

Cisco IOS XR User Manual

Cisco IOS XR
254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #21 background imageLoading...
Page #21 background image
Implementing Certification Authority Interoperability on Cisco IOS XR Software
How to Implement CA Interoperability
SC-9
Cisco IOS XR System Security Configuration Guide
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
crypto ca trustpoint
ca-name
Example:
RP/0/RP0/CPU0:router(config)# crypto ca
trustpoint myca
Declares a CA.
Configures a trusted point with a selected name so that
your router can verify certificates issued to peers.
Enters trustpoint configuration mode.
Step 3
enrollment url
CA-URL
Example:
RP/0/RP0/CPU0:router(config-trustp)# enrollment
url
http://ca.domain.com/certsrv/mscep/mscep.dll
Specifies the URL of the CA.
The URL should include any nonstandard cgi-bin script
location.
Step 4
query url
LDAP-URL
Example:
RP/0/RP0/CPU0:router(config-trustp)# query url
ldap://my-ldap.domain.com
(Optional) Specifies the location of the LDAP server if your
CA system supports the LDAP protocol.
Step 5
enrollment retry period
minutes
Example:
RP/0/RP0/CPU0:router(config-trustp)# enrollment
retry period 2
(Optional) Specifies a retry period.
After requesting a certificate, the router waits to receive
a certificate from the CA. If the router does not receive
a certificate within a period of time (the retry period)
the router will send another certificate request.
Range is from 1 to 60 minutes. Default is 1 minute.
Step 6
enrollment retry count
number
Example:
RP/0/RP0/CPU0:router(config-trustp)# enrollment
retry count 10
(Optional) Specifies how many times the router continues to
send unsuccessful certificate requests before giving up.
The range is from 1 to 100.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General IconGeneral
Operating SystemCisco IOS XR
ArchitectureMicrokernel
High AvailabilityYes
TypeNetwork operating system
Developed byCisco Systems
LicenseProprietary
Programming LanguageC, C++
KernelQNX
Supported PlatformsCisco ASR9000, NCS series
Security FeaturesRole-Based Access Control (RBAC), Secure Boot, Encryption
Management InterfaceCLI, SNMP, NETCONF, RESTCONF
Release Date2004
Target DevicesHigh-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported HardwareCisco routers and switches
Networking ProtocolsBGP, OSPF, IS-IS, MPLS
Virtualization SupportVirtualization-ready, supports network function virtualization (NFV) and containerization technologies.

Related product manuals