key chain
To create a keychain or to configure an existing keychain, use the key chain command. To unconfigure the
keychain, use the no form of this command.
key chain keychain-name [macsec]
no key chain keychain-name [macsec]
Syntax Description
Specifies the name of the keychain. The maximum
size is 63 alphanumeric characters. It is case sensitive.
key chain keychain-name
(Optional) Configures the MACsec keychain.macsec
Command Default
None
Command Modes
Global configuration (config)
Command History
ModificationRelease
This command was modified. The macsec keyword was added.8.2(1)
This command was introduced.4.0(1)
Usage Guidelines
•
This command creates a keychain if it does not already exist. A new keychain contains no keys. Note
that removing a keychain also removes the keys that are a part of this keychain. Before you remove a
keychain, ensure that no feature is using it. If a feature is configured to use a keychain that you remove,
that feature is likely to fail to communicate with other devices.
•
This command does not require a license.
•
To configure a MACsec keychain, you should enable the MKA feature first.
Examples
This example shows how to configure a keychain named glbp-keys:
switch# configure terminal
switch(config)# key chain glbp-keys
switch(config-keychain)#
This example shows how to configure a MACsec key chain named k1:
switch# configure terminal
switch(config)# key chain k1 macsec
switch(config-macseckeychain)#
Cisco Nexus 7000 Series Security Command Reference
468
K Commands
key chain
To Next Page
Loading...
