Importing Or Exporting Certificates And Private Keys - Cisco 11503 - CSS Content Services Switch Configuration Manual

Content services switch ssl configuration guide

Hide thumbs Also See for 11503 - CSS Content Services Switch:

Administration manual (392 pages)

Hardware installation manual (184 pages)

Getting started manual (142 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

Table of Contents

Importing or Exporting Certificates and Private Keys

Cisco Content Services Switch SSL Configuration Guide

3-12

Then you must chain both certificates together in a single file, creating a chained

certificate. As one file, the CSS returns the entire certificate chain to the client

upon the initial SSL handshake.

Copy the server global and intermediate certificates to an FTP server. When

creating a chained certificate for the CSS, make sure that the global and

intermediate certificate are in their proper order. In one file, paste the server

global site certificate first, followed by the intermediate certificate. You must

insert a single new line between the certificates.

Save the file and import it to the CSS, as described in the

Certificates and Private Keys"

You can import preexisting or new certificates and private keys to the CSS disk

from a file, or a series of files, that are stored on a remote secure server. For

information on generating certificates, see the

Private Keys in the CSS"

To transfer these files, Cisco Systems recommends that you use a secure

encrypted transport mechanism between the CSS and the remote server. The CSS

supports the Secure Shell protocol (SSHv2), which provides secure encryption

communications between two hosts over an insecure network. The CSS supports

file transport between network devices using the Secure File Transfer Protocol

(SFTP) and the File Transfer Protocol (FTP). Of the two file transport protocols,

Cisco Systems recommends SFTP as the transport mechanism of choice. It is

similar to FTP except that it uses a secure and encrypted connection.

Before you import certificates or keys to the CSS:

On the CSS, ensure that SSH access to the CSS is enabled to accept

•

connections from SSH clients and that the Secure Management license key is

installed prior to transferring certificates and keys. By default, SSH access is

enabled through the no restrict ssh global command. If SSH access is

restricted, or if the license key is not installed, SSH will not accept

connections from SSH clients and the copy ssl sftp command will fail,

resulting in generation of an error message.

Chapter 3

section.

"Generating Certificates and

section.

Configuring SSL Certificates and Keys

"Importing or Exporting

OL-5655-01

Table of Contents

This manual is also suitable for:

11500 series

Importing Or Exporting Certificates And Private Keys - Cisco 11503 - CSS Content Services Switch Configuration Manual

Importing or Exporting Certificates and Private Keys

Related Manuals for Cisco 11503 - CSS Content Services Switch

Related Content for Cisco 11503 - CSS Content Services Switch

This manual is also suitable for:

Table of Contents