Example 206 Requesting a Certificate from the CA

NewYork#configure terminal

NewYork(config)#crypto ca enroll CA-Server

% Start certificate enrollment...

% Create a challenge password. You need to verbally provide this password to the CA administrator to revoke your certificate.

For security reasons, your password will not be saved in the configuration. Please make a note of it.

Password: <password> Re-enter password: <password>

% The subject name in the certificate will be: NewYork.NY.com % Include the router serial number in the subject name? (yes/no): no % Include the IP address in the subject name? (yes/no): no Request certificate from CA? (yes/no) yes % Certificate request sent to certificate authority % The certificate request fingerprint will be displayed.

% The show crypto ca certificate command will also show the fingerprint.


Signing Certificate Request Fingerprint: 1D017C1F 9AE457BD 501BA5DF CF472D21

Encryption Certificate Request Fingerprint: 2FF054AB 01DC2A22 AB147620 05C5AB5F

To delete the current enrollment, use the no crypto ca enroll command. Step 8.

Save the configuration to the router. Ensure that the current configuration is saved. Write the configuration to memory using the copy running-config startup-config command.

0 0

Post a comment