Associating Certificate And Private Key Files With Names - Cisco 11503 - CSS Content Services Switch Configuration Manual

Associating Certificate and Private Key Files with Names

Associating Certificate and Private Key Files with
Names
Cisco Content Services Switch SSL Configuration Guide
3-16
To export the rsacert.pem certificate from the CSS to a remote server, enter:
# copy ssl sftp ssl_record export rsacert.pem "passwd123"
If the copy ssl command fails to import certificates or keys, verify the following
areas:
The user account and password in the ftp record are correct
•
The base directory is ssh or ssh/path
•
The SSH server is reachable
•
The SSH server IP address is correct in the ftp-record
•
After you import or generate certificate and key pair files, you must indicate to
the CSS whether these files contain certificates, private keys, or Diffie-Hellman
parameters. You do this by associating certificate names, private/public key pair
names, or Diffie-Hellman parameter names with the particular imported files.
When you associate the entries specified in the various certificate and private key
commands with files, the CSS stores the bindings in the running configuration.
Before you log out or reboot the CSS, you must copy the contents of the
running-config file to the startup-config file to save the configuration changes and
to enable the CSS to use this configuration on subsequent reboots. When you
reboot the CSS, the certificate and key associations are loaded automatically.
This section covers:
Associating a Certificate with a File
•
Associating an RSA Key Pair with a File
•
Associating a DSA Key Pair with a File
•
Associating Diffie-Hellman Parameters with a File
•
Verifying a Certificate Against a Key Pair
•
Chapter 3 Configuring SSL Certificates and Keys
OL-5655-01