cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
16059
Views
5
Helpful
2
Replies

How do I delete then create a new self signed Cert for sslvpn?

xler8or32
Level 1
Level 1

I have a 881w router with IOS 15.0.1m.  I messed up creating one now I need to delete it then redo it. I delete it in C pro and then reboot the router and its back. I think its the main one, could be wrong.  Id like to do it in CLI.

ThanKS

2 Replies 2

Ivan Martinon
Level 7
Level 7

As far as I remember, the self signed certificate that comes with the router will always be regenerated at every reboot, why don't you create a different trustpoint and make that a self singed certificate, creating the cert and then using it where you need it.

Ricardo Prado Rueda
Cisco Employee
Cisco Employee

Hi,

   Since you are using a Web GUI to configure the router, the SSL certificate will be re-generated after a reload since the router

acts as an HTTPS server. To do this through the CLI use the following steps:

1. Remove the crypto trustpoint that was auto-generated. Example:

ROUTER#config t
Enter configuration commands, one per line.  End with CNTL/Z.
ROUTER(config)#no crypto pki trustpoint TP-self-signed-32922157
% Removing an enrolled trustpoint will destroy all certificates
received from the related Certificate Authority.

Are you sure you want to do this? [yes/no]: yes
% Be sure to ask the CA administrator to revoke your certificates.

ROUTER(config)#

2. Generate RSA key :

ROUTER(config)#crypto key generate rsa general-keys label modulus 1024 exportable

3. Create PKI trustpoint:

ROUTER(config)#crypto pki trustpoint

ROUTER(config)#enrollment selfsigned

ROUTER(config)#rsakeypair

ROUTER(config)#exit

4. Enroll trustpoint:

ROUTER(config)#crypto pki enroll

% Include the router serial number in the subject name? [yes/no]: no
% Include an IP address in the subject name? [no]: no
Generate Self Signed Router Certificate? [yes/no]: yes

Router Self Signed Certificate successfully created

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: