Command Mode
Global Configuration mode.
User Guidelines
•
The command is not saved in the device configuration; however, the certificate and keys generated by
this command are saved in the private configuration (which is never displayed to the user or backed up
to another device).
•
Use this command to generate a self-signed certificate for the device.
•
If the RSA keys do not exist, parameter key-generate must be used.
•
When you export an RSA key pair to a PKCS#12 file, the RSA key pair is as secure as the passphrase.
Therefore, keep the passphrase secure.
Example
The following example regenerates an HTTPS certificate.
Console(config)# crypto certificate 1 generate key-generate
crypto certificate request
The crypto certificate request Privileged EXEC mode command generates and displays certificate
requests for HTTPS.
Syntax
•
crypto certificate number request [cn common- name ][ou organization-unit][or organization] [loc
location] [st state] [cu country]
•
number — Specifies the certificate number. (Range: 1 - 2)
•
cn common- name — Specifies the fully qualified URL or IP address of the device.
(Range: 1 - 64)
•
ou organization-unit — Specifies the organization-unit or department name. (Range: 1 - 64)
•
or organization — Specifies the organization name. (Range: 1 - 64)
•
loc location — Specifies the location or city name. (Range: 1 - 64)
•
st state — Specifies the state or province name. (Range: 1 - 64)
•
cu country — Specifies the country name. (Range: 1 - 2)
Default Configuration
There is no default configuration for this command.
506
Web Server