Removing key pairs, Configuring trustpoints – Cisco ASA 5505 User Manual

Page 828

41-10

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 41 Configuring Digital Certificates

Configuring Digital Certificates

Removing Key Pairs

To remove key pairs, perform the following steps:

Examples

The following example shows how to remove key pairs:

hostname(config)# crypto key zeroize rsa

WARNING: All RSA keys will be removed.

WARNING: All device certs issued using these keys will also be removed.

Do you really want to remove these keys? [yes/no] y

Configuring Trustpoints

To configure a trustpoint, perform the following steps:

Step 3

show crypto key

name of key

Example:

hostname/contexta(config)# show crypto key

examplekey

Verifies key pairs that you have generated.

Step 4

write memory

Example:

hostname(config)# write memory

Saves the key pair that you have generated.

Command

Purpose

Command

Purpose

crypto key zeroize rsa

Example:

hostname(config)# crypto key zeroize rsa

Removes key pairs.

Command Purpose

Step 1

crypto ca trustpoint

trustpoint-name

Example:

hostname/contexta(config)# crypto ca trustpoint Main

Creates a trustpoint that corresponds to the CA from
which the ASA needs to receive a certificate. Enters
the crypto ca trustpoint configuration mode, which
controls CA-specific trustpoint parameters that you
may configure starting in Step 3.

Step 2

Choose one of the following options:

This manual is related to the following products:

ASA 5585-X ASA 5555-X ASA 5545-X ASA 5525-X ASA 5515-X ASA 5512-X ASA 5580 ASA 5550 ASA 5540 ASA 5520 ASA 5510 ASA 5500 Series