1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Software
  5. Router IOS XR
  6. Configuration manual

Prerequisites For Implementing Secure Socket Layer; Information About Implementing Secure Socket Layer; Purpose Of Certification Authorities - Cisco IOS XR Configuration Manual

System security configuration guide
Hide thumbs Also See for IOS XR:
Table of Contents

Advertisement

Contents
Contents

Prerequisites for Implementing Secure Socket Layer

The following prerequisites are required to implement SSL:

Information About Implementing Secure Socket Layer

To implement SSL you need to understand the following concept:

Purpose of Certification Authorities

CAs are responsible for managing certificate requests and issuing certificates to participating IPSec
network devices. These services provide centralized key management for the participating devices.
CAs simplify the administration of IPSec network devices. You can use a CA with a network containing
multiple IPSec-compliant devices, such as routers.
Digital signatures, enabled by public key cryptography, provide a means of digitally authenticating
devices and individual users. In public key cryptography, such as the RSA encryption system, each user
has a key pair containing both a public and a private key. The keys act as complements, and anything
encrypted with one of the keys can be decrypted with the other. In simple terms, a signature is formed
when data is encrypted with a user's private key. The receiver verifies the signature by decrypting the
message with the sender's public key. The fact that the message could be decrypted using the sender's
Cisco IOS XR System Security Configuration Guide
SC-160
Prerequisites for Implementing Secure Socket Layer, page SC-160
Information About Implementing Secure Socket Layer, page SC-160
How to Implement Secure Socket Layer, page SC-161
Configuration Examples for Implementing Secure Socket Layer, page SC-164
Additional References, page SC-164
You must be in a user group associated with a task group that includes the proper task IDs for
security commands. For detailed information about user groups and task IDs, see the Configuring
AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security
Configuration Guide.
You must install and activate the Package Installation Envelope (PIE) for the security software.
For detailed information about optional PIE installation, refer to the Cisco IOS XR Getting Started
Guide.
Before you can begin using SSL, you must generate either Rivest, Shamir, and Adelman (RSA) or
Digital Signature Algorithm (DSA) key pairs, enroll with a CA, and obtain the CA certificate for the
router key.
For more information on the commands required to perform these tasks, see the crypto key
generate rsa, crypto key generate dsa, crypto ca enroll, and crypto ca authenticate commands
in the Public Key Infrastructure Commands on Cisco IOS XR Software module of the Cisco IOS XR
System Security Command Reference.
Purpose of Certification Authorities, page SC-160
Implementing Secure Socket Layer on Cisco IOS XR Software
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cisco IOS XR

Related Content for Cisco IOS XR

This manual is also suitable for:

Ios xr 3.5

Table of Contents