Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

How do I delete then create a new self signed Cert for sslvpn?

I have a 881w router with IOS 15.0.1m.  I messed up creating one now I need to delete it then redo it. I delete it in C pro and then reboot the router and its back. I think its the main one, could be wrong.  Id like to do it in CLI.



Re: How do I delete then create a new self signed Cert for sslvp

As far as I remember, the self signed certificate that comes with the router will always be regenerated at every reboot, why don't you create a different trustpoint and make that a self singed certificate, creating the cert and then using it where you need it.

Cisco Employee

Re: How do I delete then create a new self signed Cert for sslvp


   Since you are using a Web GUI to configure the router, the SSL certificate will be re-generated after a reload since the router

acts as an HTTPS server. To do this through the CLI use the following steps:

1. Remove the crypto trustpoint that was auto-generated. Example:

ROUTER#config t
Enter configuration commands, one per line.  End with CNTL/Z.
ROUTER(config)#no crypto pki trustpoint TP-self-signed-32922157
% Removing an enrolled trustpoint will destroy all certificates
received from the related Certificate Authority.

Are you sure you want to do this? [yes/no]: yes
% Be sure to ask the CA administrator to revoke your certificates.


2. Generate RSA key :

ROUTER(config)#crypto key generate rsa general-keys label modulus 1024 exportable

3. Create PKI trustpoint:

ROUTER(config)#crypto pki trustpoint

ROUTER(config)#enrollment selfsigned



4. Enroll trustpoint:

ROUTER(config)#crypto pki enroll

% Include the router serial number in the subject name? [yes/no]: no
% Include an IP address in the subject name? [no]: no
Generate Self Signed Router Certificate? [yes/no]: yes

Router Self Signed Certificate successfully created

CreatePlease to create content