How to Implement Keychain Management
Command or Action
Step 3
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-isis-keys)# end
or
RP/0/RP0/CPU0:router(config-isis-keys)# commit
Step 4
show key chain key-chain-name
Example:
RP/0/RP0/CPU0:router# show key chain isis-keys
What to Do Next
After completing keychain configuration, see the
section.
Configuring a Tolerance Specification to Accept Keys
This task configures the tolerance specification to accept keys for a keychain to facilitate a hitless key
rollover for applications, such as routing and management protocols.
SUMMARY STEPS
1.
2.
3.
4.
Cisco IOS XR System Security Configuration Guide
SC-78
configure
key chain key-chain-name
accept-tolerance [value | infinite]
end
or
commit
Implementing Keychain Management on Cisco IOS XR Software
Purpose
Saves configuration changes.
When you issue the end command, the system prompts
•
you to commit changes:
Uncommitted changes found, commit them before
exiting(yes/no/cancel)?
[cancel]:
Entering yes saves configuration changes to the
–
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
Entering no exits the configuration session and
–
returns the router to EXEC mode without
committing the configuration changes.
Entering cancel leaves the router in the current
–
configuration session without exiting or
committing the configuration changes.
Use the commit command to save the configuration
•
changes to the running configuration file and remain
within the configuration session.
(Optional) Displays the name of the keychain.
The key-chain-name argument is optional. If you do
Note
not specify a name for the key-chain-name
argument, all the keychains are displayed.
Configuring a Tolerance Specification to Accept Keys