Rsa Keys Window - Cisco OL-4015-08 User Manual

RSA Keys Window

CRL Query URL
RSA Keys Window
RSA keys configured on your router
Name The key name. Key names are automatically assigned by SDM. The key
"HTTPS_SS_CERT_KEYPAIR" and "HTTPS_SS_CERT_KEYPAIR.server" will be
shown as Read-Only. Similarly, any key that is locked/encrypted on the router will be
displayed with icons that indicate their status.
Usage Either General Purpose or Usage. General purpose keys are used to encrypt data, and to
sign the certificate. If separate keys are configured to encrypt data and to sign
certificates, these keys are labelled Usage keys.
Exportable If this column contains a checkmark the key can be exported to another router if it
becomes necessary for that router to assume the role of the local router.
Cisco Router and Security Device Manager Version 2.2 User's Guide
28-50
Best Effort—Download the CRL from the CRL server if it is available. If it
•
is not available, the certificate will be accepted.
Optional—Check the CRL only if it has already been downloaded to the
•
cache as a result of manual loading.
Enter the URL where the certificate revocation list is located. Enter the URL only
if the certificate supports X.500 DN.
RSA keys provide an electronic encryption and authentication system that uses an
algorithm developed by Ron Rivest, Adi Shamir, and Leonard Adelman. The RSA
system is the most commonly used encryption and authentication algorithm, and
is included as a part of Cisco IOS. To use the RSA system, a network host
generates a pair of keys. One is called the public key, and the other is called the
private key. The Public key is given to anyone who wants to send encrypted data
to the host. The Private key is never shared. When a remote hosts wants to send
data, it encrypts it with the public key shared by the local host. The local host
decrypts sent data using the private key.
Chapter 28 Public Key Infrastructure
OL-4015-08