03-13-2012 10:23 PM
Hi All,
Can any body help me to know the best practices to be followed while installing a cert and key for an URL?
It would be very help if you could share any link to learn about installation of cert and key.
Regards,
Thiyagarajan
03-21-2012 11:17 AM
Hello Thiyagarajan-
Configuration Links:
You want to install 1 cert/key pair per domain. If you have a multi-domain or wildcard cert, you may need less.
The easiest way to install single certificates is to use the terminal and cut-paste them into the screen:
host1/Admin# crypto import terminal MYCERT.PEM
Enter PEM formatted data ending with a blank line or "quit" on a line by itself
--------BEGIN CERTIFICATE-----------------------
MIIC1DCCAj2gAwIBAgIDCCQAMA0GCSqGSIb3DQEBAgUAMIHEMQswCQYDVQQGEwJa
QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAb
BgNVBAoTFFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0
aW9uIFNlcnZpY2VzIERpdmlzaW9uMRkwFwYDVQQDExBUaGF3dGUgU2VydmVyIENB
MSYwJAYJKoZIhvcNAQkBFhdzZXJ2ZXItY2VydHNAdGhhd3RlLmNvbTAeFw0wMTA3
-----------END CERTIFICATE------------------------
quit
The easiest way to import many at once is to use the SFTP bulk import:
host1/Admin# crypto import bulk sftp 1.1.1.1 JOESMITH /USR/SSLFiles/*.PEM
Initiating bulk import. Please wait, it might take a while...
Connecting to 1.1.1.1...
Password: password
...
Bulk import complete. Summary:
Network errors: 0
Bad file URL: 0
Specified local files already exists: 0
Invalid file names: 1
Failed reading remote files: 5
Failed reading local files: 0
Failed writing local files: 0
Other errors: 0
Successfully imported: 16 10
host1/Admin#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide