https://community.cisco.com/t5/routing/ios-import-aes-keys/m-p/5206315#M404799 <P>Hello Community.</P> <P>I would like to establish&nbsp;Certificate-based SIP-trunk to WxC. When&nbsp;tried to import crypto key generated outside router</P> <P><STRONG>crypto key import rsa ownKEY general-purpose exportable terminal p@ssword</STRONG></P> <P>there is a problem. Only 3DES ecrypted password is accepted. No AES, no unencrypted only 3DES.</P> <P>Other thing is that debug do not shows it in clear alert but some numbers like -1 or 11.</P> <P>Next thing that key export allows to AES key encryption but You are not able to import it back.</P> <P>So in 2024 it should be shame that Cisco accept only weak algorithm.</P> <P>Tested on&nbsp;Virtual XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 17.9.4a</P> <P>Regards<BR />Hermozol</P> Thu, 10 Oct 2024 07:41:54 GMT Hermozol 2024-10-10T07:41:54Z https://community.cisco.com/t5/routing/ios-import-aes-keys/m-p/5206315#M404799 <P>Hello Community.</P> <P>I would like to establish&nbsp;Certificate-based SIP-trunk to WxC. When&nbsp;tried to import crypto key generated outside router</P> <P><STRONG>crypto key import rsa ownKEY general-purpose exportable terminal p@ssword</STRONG></P> <P>there is a problem. Only 3DES ecrypted password is accepted. No AES, no unencrypted only 3DES.</P> <P>Other thing is that debug do not shows it in clear alert but some numbers like -1 or 11.</P> <P>Next thing that key export allows to AES key encryption but You are not able to import it back.</P> <P>So in 2024 it should be shame that Cisco accept only weak algorithm.</P> <P>Tested on&nbsp;Virtual XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 17.9.4a</P> <P>Regards<BR />Hermozol</P> Thu, 10 Oct 2024 07:41:54 GMT https://community.cisco.com/t5/routing/ios-import-aes-keys/m-p/5206315#M404799 Hermozol 2024-10-10T07:41:54Z