Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Installation of Cert and key for an appliation

Hi All,

Can any body help me to know the best practices to be followed while installing a cert and key for an URL?

It would be very help if you could share any link to learn about installation of cert and key.

Regards,

Thiyagarajan

1 REPLY
Bronze

Installation of Cert and key for an appliation

Hello Thiyagarajan-

  Configuration Links:

http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_(ACE)_Configuration_Examples_--_SSL_Configuration_Examples#Example_of_an_SSL_Termination_Configuration

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c3045.shtml

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c6f37.shtml

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA4_1_0/configuration/ssl/guide/sslgd.html

You want to install 1 cert/key pair per domain.  If you have a multi-domain or wildcard cert, you may need less.

The easiest way to install single certificates is to use the terminal and cut-paste them into the screen:

host1/Admin# crypto import terminal MYCERT.PEM

Enter PEM formatted data ending with a blank line or "quit" on a line 
by itself

--------BEGIN CERTIFICATE-----------------------

MIIC1DCCAj2gAwIBAgIDCCQAMA0GCSqGSIb3DQEBAgUAMIHEMQswCQYDVQQGEwJa

QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAb

BgNVBAoTFFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0

aW9uIFNlcnZpY2VzIERpdmlzaW9uMRkwFwYDVQQDExBUaGF3dGUgU2VydmVyIENB

MSYwJAYJKoZIhvcNAQkBFhdzZXJ2ZXItY2VydHNAdGhhd3RlLmNvbTAeFw0wMTA3

-----------END CERTIFICATE------------------------

quit

The easiest way to import many at once is to use the SFTP bulk import:

host1/Admin# crypto import bulk sftp 1.1.1.1 JOESMITH /USR/SSLFiles/*.PEM

Initiating bulk import. Please wait, it might take a while...

Connecting to 1.1.1.1...

Password: password

...

Bulk import complete. Summary:

Network errors:                                                        0

Bad file URL: 0

Specified local files already exists:                                                       0

Invalid file names:                                                        1

Failed reading remote files:                                                        5

Failed reading local files:                                                        0

Failed writing local files:                                                        0

Other errors:                                                        0

Successfully imported: 16                                                       10

host1/Admin#

285
Views
0
Helpful
1
Replies
CreatePlease to create content