Chapter 2
Commands for the Catalyst 6500 Series SSL Services Module
crypto pki import pem
To import a PEM-formatted file to the SSL Services Module, use the crypto pki import pem command.
Syntax Description
trustpoint-label
exportable
terminal
url url
pass_phrase
usage-keys
Defaults
This command has no default settings.
Command History
Global configuration
Command History
Release
SSL Services Module
Release 1.2(1)
SSL Services Module
Release 3.1(1)
Usage Guidelines
You will receive an error if you enter the pass phrase incorrectly. The pass_phrase can be any phrase
including spaces and punctuation except for the question mark (?), which has a special meaning to the
Cisco IOS parser.
Pass-phrase protection associates a pass phrase with the key. The pass phrase is used to encrypt the key
when it is exported. When this key is imported, you must enter the same pass phrase to decrypt it.
When importing RSA keys, you can use a public key or its corresponding certificate.
OL-9105-01
crypto pki import trustpoint_label pem [exportable] {terminal | url url | usage-keys}
pass_phrase
Name of the trustpoint.
(Optional) Specifies the key that can be exported.
Displays the request on the terminal.
Specifies the URL location. Valid values are as follows:
ftp:—Exports to the FTP: file system
•
null:—Exports to the null: file system
•
nvram:—Exports to the NVRAM: file system
•
•
rcp:—Exports to the RCP: file system
scp:—Exports to the SCP: file system
•
•
system:—Exports to the system: file system
tftp:—Exports to the TFTP: file system
•
Pass phrase.
Specifies that two special-usage key pairs should be generated, instead of
one general-purpose key pair.
Modification
Support for this command was introduced on the Catalyst 6500 series
switches.
The syntax for this command changed from crypto ca to crypto pki.
Catalyst 6500 Series Switch SSL Services Module Command Reference
crypto pki import pem
2-9