How to Configure Certification Authority
Command or Action
Step 4
end
Example:
Device(config)# end
Requesting Signed Certificates
You must obtain a signed certificate from the certification authority (CA) for each of the RSA key pairs on
your device. If you generated general-purpose RSA keys, your device has only one RSA key pair and needs
only one certificate. If you previously generated special-usage RSA keys, your device has two RSA key pairs
and needs two certificates.
Perform the following task to request signed certificates from the CA:
If your device reboots after you have issued the crypto pki enroll command, but before you have received
Note
the certificates, you must reissue the command and notify the CA administrator.
SUMMARY STEPS
1. enable
2. configure terminal
3. crypto pki enroll number
4. end
DETAILED STEPS
Command or Action
Step 1
enable
Example:
Device> enable
Step 2
configure terminal
Example:
Device# configure terminal
Step 3
crypto pki enroll number
Example:
Device(config)# crypto pki enroll myca
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1152
Purpose
Exits global configuration mode and returns to privileged
EXEC mode.
Purpose
Enables privileged EXEC mode.
• Enter your password if prompted.
Enters global configuration mode.
Obtains certificates for your device from the CA.