cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
314
Views
6
Helpful
4
Replies

Un Known configuration at my switch

kranthiccna
Level 1
Level 1

Hi,

this is kranthi,i have find some unusual configuration at my end .we are using 3750 switch please check below config.

!

!

crypto ca certificate chain TP-self-signed-1139951744

certificate self-signed 01

3082029C 30820205 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

58312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 31313339 39353137 34343125 30230609 2A864886 F70D0109

02161654 54534C5F 4D52542D 564C414E 2D535731 2E747473 6C301E17 0D393330

33303130 30303134 375A170D 32303031 30313030 30303030 5A305831 2F302D06

03550403 1326494F 532D5365 6C662D53 69676E65 642D4365 72746966 69636174

652D3131 33393935 31373434 31253023 06092A86 4886F70D 01090216 16545453

4C5F4D52 542D564C 414E2D53 57312E74 74736C30 819F300D 06092A86 4886F70D

01010105 0003818D 00308189 02818100 B79246A6 69534720 2FA8CAD2 20227D05

735187AB 1598EF90 0C637687 FA35812E 89E0611B 62F32912 F20376FC F72752FC

E6C25662 9B44F552 F3FB7317 A6CFA776 DFE56D8D 6209D151 4DE9AC85 F7FB5CAB

D06EF034 4E6B3DC1 4D2680FA 39F48C54 3D62A234 0524A9DF 558545F8 356A8CBF

B0802C69 D369CDA6 6C26BCBE 546AA1F3 02030100 01A37630 74300F06 03551D13

0101FF04 05300301 01FF3021 0603551D 11041A30 18821654 54534C5F 4D52542D

564C414E 2D535731 2E747473 6C301F06 03551D23 04183016 8014D0CC F72486CB

C77F1CB9 ACA2DC7A 9920C8F4 C74D301D 0603551D 0E041604 14D0CCF7 2486CBC7

7F1CB9AC A2DC7A99 20C8F4C7 4D300D06 092A8648 86F70D01 01040500 03818100

7DD18BCE 453D8DE1 13376886 326D3245 776E5E27 EFBBAA7F 9D53DC25 C1C7255E

C052F04E 26098EDE 573FF70E B3DBF02E EAB451CB B2B76599 10160EAE A8CE1EFA

4DB5F737 6E779FBC 910CD84C F76DE431 DA05E828 D142B4B1 16AF4E6D 52C85D90

65873C98 51C37F8E 6D08768E 2F23B3EF A4C6639E 72C9CD4B C754BCC9 C5ADF3FF

quit

!

!

Please help me to find it out exact reason for the same.

thanks in advance,

regards,

Kranthi.A

4 Replies 4

Richard Burts
Hall of Fame
Hall of Fame

Kranthi

The crypto certificate is included in the config by the operating system code. It is to support machine authentication. Traditionally we have done most authentication with pre-shared keys and passwords. Authenticating with certificates is another alternative for machine authentication. The crypto certificate is here to support that if your implementation chooses to use it.

It will not hurt anything to leave it in the config. And if you are not planning to do certificate based authentication it will not hurt anything if you remove it.

HTH

Rick

HTH

Rick

Joseph W. Doherty
Hall of Fame
Hall of Fame

I believe a 3750, if you have a crypto image, will create its own certificate to support SSH access to the switch.

kranthiccna
Level 1
Level 1

thank you

Thank you

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco