HP AJ732A Cisco MDS 9000 Family Storage Media Encryption Configuration Guide - - Page 249
Ensure that you include the BEGIN CERTIFICATE REQUEST and END CERTIFICATE REQUEST
UPC - 883585789481
View all HP AJ732A manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 249 highlights
Appendix C Provisioning Self-Sign Certificates Configuring SSL for Cisco SME Send documentation comments to [email protected] Step 7 Generate a certificate request for enrolling with the trustpoint created in Step 3. switch(config)# crypto ca enroll my_ca Create a challenge password. You will need to verbally provide this password to the CA Administrator in order to revoke your certificate. For security reasons your password will not be saved in the configuration. Please make a note of it. Password:nbv123 The subject name in the certificate will be: ips-vegas8.cisco.com Include the switch serial number in the subject name? [yes/no]:no Include an IP address in the subject name [yes/no]:no The certificate request will be displayed... ----BEGIN CERTIFICATE REQUEST---MIIBJTCB0AIBADAfMR0wGwYDVQQDExRpcHMtdmVnYXM4LmNpc2NvLmNvbTBcMA0G CSqGSIb3DQEBAQUAA0sAMEgCQQCeAzv5w9d32YpPfYdNYoFjOW0yRVbYEe+mNHi8 b2VPOVZ6UOFdhIS1Im0/Xv1Bpcuy4TRktu7whNyyvvu3niVdAgMBAAGgTDAVBgkq hkiG9w0BCQcxCBMGbmJ2MTIzMDMGCSqGSIb3DQEJDjEmMCQwIgYDVR0RAQH/BBgw FoIUaXBzLXZlZ2FzOC5jaXNjby5jb20wDQYJKoZIhvcNAQEEBQADQQBzPcKE3Eje TjODnPXNkz1WsU3oUdsuxOT/m1OSBZvhBfHICQZZpfS2ILqaQP16LiZCZydHWViN Q+9LmHUZ4BDG ----END CERTIFICATE REQUEST---- switch(config)# Step 8 Create a file named switch.csr in the OpenSSL.exe directory. Cut and paste the certificate request created in Step 7. Ensure that you include the BEGIN CERTIFICATE REQUEST and END CERTIFICATE REQUEST lines in the file content. Step 9 Generate an identity certificate for this certificate request in the OpenSSL application by entering the following command: OpenSSL> x509 -req -days 365 -in switch.csr -CA cacert.pem -CAkey privkey.pem -set_serial 01 -out switch.pem Step 10 Import the trustpoint certificate at the switch by cutting and pasting the contents of the switch.pem file that was created in Step 9. switch(config)# crypto ca import my_ca certificate input (cut & paste) certificate in PEM format: ----BEGIN CERTIFICATE---MIIB4jCCAUsCAQEwDQYJKoZIhvcNAQEEBQAwgZcxCzAJBgNVBAYTAlVTMRMwEQYD VQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEaMBgGA1UEChMRQ2lz Y28gU3lzdGVtcyBJbmMxDjAMBgNVBAsTBURldmVsMREwDwYDVQQDEwhtYW1hc3Nl eTEhMB8GCSqGSIb3DQEJARYSbWFtYXNzZXlAY2lzY28uY29tMB4XDTA3MTIxNDAy MzIzOVoXDTA4MTIxMzAyMzIzOVowHzEdMBsGA1UEAxMUaXBzLXZlZ2FzOC5jaXNj by5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAngM7+cPXd9mKT32HTWKBYzlt MkVW2BHvpjR4vG9lTzlWelDhXYSEtSJtP179QaXLsuE0ZLbu8ITcsr77t54lXQID AQABMA0GCSqGSIb3DQEBBAUAA4GBAKR3WAAF/9zMb2u9A42I2cB2G5lucSzndc4P +O4sYZF5pBt7UpyAs1GKAqivGXVq2FJ2JetX78Fqy7jYCzanWm0tck0/G1dSfr/X lCFXUuVed9de02yqxARSEx8mX4ifqzYHErHdbi+vDAaMzkUEvHWthOuUZ7fvpoNH +xhRAuBo ----END CERTIFICATE---- Step 11 Repeat steps 2 through 9 for all the switches managed by a Fabric Manager server. Ensure that the same trustpoint is used for all the switches in this Fabric Manager server. OL-18091-01, Cisco MDS NX-OS Release 4.x Cisco MDS 9000 Family Storage Media Encryption Configuration Guide C-3