hit counter script

Using An Rsa Key To Generate A Certificate Signing Request - Cisco 11503 - CSS Content Services Switch Configuration Manual

Content services switch ssl configuration guide
Hide thumbs Also See for 11503 - CSS Content Services Switch:
Table of Contents

Advertisement

Chapter 3
Configuring SSL Certificates and Keys
Generating Certificates and Private Keys in the CSS
You must also associate a Diffie-Hellman parameter filename with the generated
Diffie-Hellman parameter file, as discussed in the
"Associating Certificate and
Private Key Files with Names"
section of this chapter.

Using an RSA Key to Generate a Certificate Signing Request

To generate a Certificate Signing Request (CSR) file for an RSA key pair file and
to transfer the certificate request to the Certificate Authority (CA), use the ssl
gencsr rsakey command. This command generates a CSR in PKCS10 encoded in
PEM format.
You must generate a CSR file if you are requesting a new certificate or renewing
a certificate. When the CA signs the CSR using its RSA private key, the CSR
becomes the certificate.
The rsakey variable specifies the key on which the RSA certificate is built. It is
the public key that is embedded in the certificate.
To use the RSA key pair to generate a CSR, ensure the RSA key pair file is loaded
on the CSS. Associate an RSA key pair name to the generated RSA keypair (see
the
"Associating Certificate and Private Key Files with Names"
section). If the
appropriate key pair does not exist, the CSS logs an error message.
For example, to generate a CSR based on the RSA key pair myrsakey1, enter:
CSS11503(config)# ssl gencsr myrsakey1
You are about to be asked to enter information
that will be incorporated into your certificate
request. What you are about to enter is what is
called a Distinguished Name or a DN.
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [US]US
State or Province (full name) [SomeState]New York
Locality Name (city) [SomeCity]Albany
Organization Name (company name) [Acme Inc]Cisco Systems, Inc.
Organizational Unit Name (section) [Web Administration]Web Admin
Common Name (your domain name) [www.acme.com]www.cisco.com
Email address [webadmin@acme.com]webadmin@cisco.com
-----BEGIN CERTIFICATE REQUEST-----
MIIBWDCCAQICAQAwgZwxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNQTETMBEGA1UE
BxMKQm94Ym9yb3VnaDEcMBoGA1UEChMTQ2lzY28gU3lzdGVtcywgSW5jLjESMBAG
A1UECxMJV2ViIEFkbWluMRYwFAYDVQQDEw13d3cuY2lzY28uY29tMSEwHwYJKoZI
hvcNAQkBFhJra3JvZWJlckBjaXNjby5jb20wXDANBgkqhkiG9w0BAQEFAANLADBI
Cisco Content Services Switch SSL Configuration Guide
3-8
OL-5655-01

Advertisement

Table of Contents
loading

This manual is also suitable for:

11500 series

Table of Contents