Crypto Key Lock Rsa - Cisco Catalyst 6500 Series Command Reference Manual

Ssl services module command reference
Hide thumbs Also See for Catalyst 6500 Series:
Table of Contents

Advertisement

Chapter 2
Commands for the Catalyst 6500 Series SSL Services Module

crypto key lock rsa

To lock the encrypted private key, use the crypto key lock rsa command.
Syntax Description
name key-name
passphrase passphrase
Defaults
This command has no default settings.
Command Modes
EXEC
Command History
Release
SSL Services Module
Release 3.1(1)
Usage Guidelines
After the key is locked, it cannot be used to authenticate the router to a peer device. This behavior
disables any IPsec or SSL connections that use the locked key.
Any existing IPsec tunnels created on the basis of the locked key will be closed.
If all RSA keys are locked, SSH will automatically be disabled.
Examples
This example shows how to lock the key "pki1-72a.cisco.com." Enter the show crypto key mypubkey
rsa command to verify that the key is protected (encrypted) and locked.
ssl-proxy# crypto key lock rsa name pki1-72a.cisco.com passphrase cisco1234
ssl-proxy# show crypto key mypubkey rsa
Key name:pki1-72a.cisco.com
Usage:General Purpose Key
*** The key is protected and LOCKED. ***
Key is exportable.
Key Data:
305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00D7808D C5FF14AC
...
% Key pair was generated at: 16:00:11 PST Feb 28 2002
ssl-proxy#
Related Commands
crypto key decrypt rsa
crypto key encrypt rsa
crypto key unlock rsa
OL-9105-01
crypto key lock rsa [name key-name] passphrase passphrase
(Optional) Name of the key.
Pass phrase.
Modification
Support for this command was introduced on the Catalyst 6500 series
switches.
Catalyst 6500 Series Switch SSL Services Module Command Reference
crypto key lock rsa
2-21

Advertisement

Table of Contents
loading

Table of Contents