Generating Certificates And Private Keys In The Css - Cisco 11503 - CSS Content Services Switch Configuration Manual
Content services switch ssl configuration guide
Hide thumbs
Also See for 11503 - CSS Content Services Switch:
- Administration manual (392 pages) ,
- Hardware installation manual (184 pages) ,
- Getting started manual (142 pages)
Table of Contents
Advertisement
Generating Certificates and Private Keys in the CSS
Generating Certificates and Private Keys in the CSS
Note
Cisco Content Services Switch SSL Configuration Guide
3-4
If you have preexisting certificates and private keys, you can import them to the
CSS disk. For information on importing preexisting certificates and private keys,
see the
"Importing or Exporting Certificates and Private Keys"
If you do not have preexisting keys, Diffie-Hellman parameters, and certificates
for the CSS, the CSS includes a series of certificate and private key management
utilities to generate them. These utilities simplify the process of generating an
RSA private key, a DSA private key, a Diffie-Hellman parameter file, a certificate
signing request (CSR), and a self-signed temporary certificate.
The ssl genrsa, gencsr, gendsa, and gencert commands all produce a valid
certificate or key pair. Be aware, however, that most Web browsers will flag the
certificate as signed by an unrecognized signing authority.
A generated certificate is temporary and expires in one year. The ssl gencsr
command generates a certificate request in PKCS10 encoded in Privacy Enhanced
Mail (PEM) format.
This section covers:
Generating an RSA Key Pair
•
Generating a DSA Key Pair
•
Generating Diffie-Hellman Key Parameters
•
Using an RSA Key to Generate a Certificate Signing Request
•
Generating a Self-Signed Certificate
•
Chapter 3
Configuring SSL Certificates and Keys
section.
OL-5655-01
Advertisement
Table of Contents
