Web Server 505
Example
The following example the interval the system waits for user input before automatically logging off to 3
minutes 30 seconds.
crypto certificate generate
The crypto certificate generate Global Configuration mode command generates a self-signed HTTPS
certificate.
Syntax
•
crypto certificate [
number
] generate key-generate [
length
] [passphrase
string
] [cn
common- name
][ou
organization-unit
][or
organization
] [loc
location
] [st
state
] [cu
country
] [duration
days
]
•
number
— Specifies the certificate number. (Range: 1 - 2)
•
key-generate
— Regenerate the SSL RSA key.
•
length
— Specifies the SSL RSA key length. (Range: 512 - 2048)
•
passphrase
string
— Passphrase that is used for exporting the certificate in PKCS12 file format. If
unspecified the certificate is not exportable. (Range: 512 - 2048)
•
cn
common- name
— Specifies the fully qualified URL or IP address of the device.
(Range: 1 - 64)
•
or
organization
— Specifies the organization name. (Range: 1 - 64)
•
ou
organization-unit
— Specifies the organization-unit or department name. (Range: 1 - 64)
•
loc
location
— Specifies the location or city name. (Range: 1 - 64)
•
st
state
— Specifies the state or province name. (Range: 1 - 64)
•
cu
country
— Specifies the country name. (Range: 2)
•
duration
days
— Specifies number of days certification is valid. (Range: 30 - 3650)
Default Configuration
• The Certificate and SSL’s RSA key pairs do not exist.
• If no certificate number is specified, the default certificate number is 1.
• If no RSA key length is specified, the default length is 1024.
• If no URL or IP address is specified, the default common name is the lowest IP address of the device at
the time that the certificate is generated.
• If the number of days is not specified, the default period of time that the certification is valid is 365
days.
Console (config)# ip https exec-timeout 3 30
book.book Page 505 Thursday, December 18, 2008 7:40 PM
To Next Page
Loading...
