Crypto Ca Trustpoint - Cisco CRS User Manual

crypto ca trustpoint

crypto ca trustpoint
To configure a trusted point with a selected name, use the crypto ca trustpoint command. To unconfigure a
trusted point, use the no form of this command.
crypto ca trustpoint ca-name
no crypto ca trustpoint ca-name
Syntax Description
ca-name
Command Default
None
Command Modes
Global configuration
Command History
Release
Release 2.0
Release 3.6.0
Usage Guidelines
Use the crypto ca trustpoint command to declare a CA.
This command allows you to configure a trusted point with a selected name so that your router can verify
certificates issued to peers. Your router need not enroll with the CA that issued the certificates to the peers.
The crypto ca trustpoint command enters trustpoint configuration mode, in which you can specify
characteristics for the CA with the following commands:
•
•
•
•
•
Cisco IOS XR System Security Command Reference for the Cisco CRS Router, Release 4.1
194
crl optional (trustpoint), on page 186
trying to obtain the appropriate CRL.
enrollment retry count, on page 206
sends before giving up. Optional.
enrollment retry period, on page 208
sending certificate request retries.
enrollment url, on page 211
ip-address (trustpoint), on page
address in the certificate request.
Name of the CA.
Modification
This command was introduced.
The example was modified to include the sftp-password command
and sftp-username command.
command—The certificates of other peers are accepted without
command—The number of certificate request retries your router
command—(Optional)—The time the router waits between
command—(Optional)—The URL of the CA.
213command—A dotted IP address that is included as an unstructured
Public Key Infrastructure Commands
OL-24740-01