Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Is trustpoint CISCO_IDEVID_SUDI needed?

I recently received a new used 4507R+E with dual sup7-E's.  When reviewing the running configuration I noticed two trustpoints, CISCO_IDEVID_SUDI & CISCO_IDEVID_SUDI0, that look like they could be native to the chassis from Cisco but I have never seen these before on other switches.  I wiped the switch issuing the erase /all non-default command but the trustpoints remain.  Does anyone know what these certificates are for and if it's safe to remove them?

I also have the following files present:


16915456 bytes total (16660992 bytes free)
Directory of nvram:/

  512  -rw-        4598                    <no date>  startup-config
  513  ----        3755                    <no date>  private-config
  514  -rw-        4598                    <no date>  underlying-config
    1  ----         202                    <no date>  persistent-data
    2  ----           0                    <no date>  rf_cold_starts
    3  -rw-        1058                    <no date>  cpu_threshold_trap.eci
    5  -rw-        1528                    <no date>  license_trap.eci
    7  -rw-         886                    <no date>  memory_trap.eci
    8  -rw-         858                    <no date>  rf_trap.eci
    9  -rw-         108                    <no date>  ma_trap_keyword
   10  -rw-        1110                    <no date>  CiscoManufac#E663.cer
   12  -rw-        1245                    <no date>  CiscoRootCA2#3CA.cer
   14  -rw-         839                    <no date>  CiscoRootCA2#ADFFCA.cer
   15  -rw-           0                    <no date>  ifIndex-table.gz

 

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

I believe manufacturing is

I believe manufacturing is starting to pre-install these to enhance customer adoption of the Smart Call Home (SCH) feature which can use https and requires a device certificate in that instance (and the certificate signing chain which are the other .cer files you see).

Lots more docs here.

Bottom line - if you don't want to use SCH you can safely delete them.

3 REPLIES
Hall of Fame Super Silver

I believe manufacturing is

I believe manufacturing is starting to pre-install these to enhance customer adoption of the Smart Call Home (SCH) feature which can use https and requires a device certificate in that instance (and the certificate signing chain which are the other .cer files you see).

Lots more docs here.

Bottom line - if you don't want to use SCH you can safely delete them.

Community Member

Re: I believe manufacturing is

Hi,

 

I have a similar issue to this but when I remove the certificate 'no crypto pki cert CISCO_IDEVID_SUDI’  upon reload of the device it returns, how can I permanently remove it?  This cert is causing us issues.

 

Thanks

Community Member

That's what I thought. Thanks

That's what I thought.

 

Thanks

783
Views
0
Helpful
3
Replies
CreatePlease to create content