Cisco CP-7911G-CH1 System Administrator Manual page 187

Unified sccp and sip srst

Hide thumbs

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

Table of Contents

Configuring Secure SRST for SCCP and SIP

DETAILED STEPS

Command or Action

Step 1

crypto pki server cs-label

Example:

Router (config)# crypto pki server srstcaserver

Step 2

database level {minimal | names | complete}

Example:

Router (cs-server)# database level complete

Step 3

database url root-url

Example:

Router (cs-server)# database url nvram

Step 4

issuer-name DN-string

Example:

Router (cs-server)# issuer-name CN=srstcaserver

OL-13143-04

Purpose

Enables the certificate server and enters certificate server

configuration mode.

Note

If you manually generated an RSA key pair, the

cs-label argument must match the name of the key

pair.

For more information on the certificate server, see the

Cisco IOS Certificate Server

Controls what type of data is stored in the certificate

enrollment database.

•

minimal: Enough information is stored only to

continue issuing new certificates without conflict; this

is the default.

names: In addition to the information given in the

•

minimal level, the serial number and subject name of

each certificate are stored.

complete: In addition to the information given in the

•

minimal and names levels, each issued certificate is

written to the database.

The complete keyword produces a large amount of

Note

information; if it is issued, you should also specify

an external TFTP server on which to store the data

via the database url command.

Specifies the location where all database entries for the

certificate server will be written. After you create a

certificate server via the crypto pki server command, use

this command to specify a combined list of all the

certificates that have been issued. The root-url argument

specifies the location where database entries are written.

•

The default location for the database entries to be

written is flash; however, NVRAM is recommended for

this task.

Sets the CA issuer name to the specified distinguished name

(DN-string). The default value is as follows:

issuer-name CN=cs-label.

Cisco Unified SCCP and SIP SRST System Administrator Guide

How to Configure Secure Unified SRST

documentation.

187

Table of Contents

Cisco CP-7911G-CH1 System Administrator Manual page 187

Troubleshooting

Related Products for Cisco CP-7911G-CH1

Cisco CP-7911G-CH1 System Administrator Manual page 187

Troubleshooting

Related Manuals for Cisco CP-7911G-CH1

Related Products for Cisco CP-7911G-CH1

Table of Contents