Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1638
Views
0
Helpful
1
Replies

Is there a way to zeroize crypto keys and pki trustpoints without dropping ipsec connections?

Sean Franklin
Level 1
Level 1

‎09-24-2013 06:45 AM - edited ‎02-21-2020 07:11 PM

I'm trying to get CCP working on my edge router. Easy to do if connecting unsecurely but due to our requirements that's not something that I can leave configured. So when trying to connect securely and attempting to discover the device I get a certificate rejected error. I see that the fix action is to zeroize the crytpo keys and delete the pki trustpoints. Is there any way to do this without dropping connections, or will this have to be an ASI?.. Thanks.                  

Labels:
0 Helpful
1 Reply 1

Rashid Thompson
Level 1
Level 1

‎09-27-2013 01:57 PM

If you just want to just delete a particular key, use the "label" parameter, with the name of the key in place of "WORD":

crypto key zeroize rsa label WORD

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents