Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
488
Views
0
Helpful
1
Replies

Installation of Cert and key for an appliation

thiyagarajankalaiselvan
Level 1
Level 1

‎03-13-2012 10:23 PM

Hi All,

Can any body help me to know the best practices to be followed while installing a cert and key for an URL?

It would be very help if you could share any link to learn about installation of cert and key.

Regards,

Thiyagarajan

Labels:
0 Helpful
1 Reply 1

chrhiggi
Level 3
Level 3

‎03-21-2012 11:17 AM

Hello Thiyagarajan-

  Configuration Links:

http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_(ACE)_Configuration_Examples_--_SSL_Configuration_Examples#Example_of_an_SSL_Termination_Configuration

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c3045.shtml

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c6f37.shtml

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA4_1_0/configuration/ssl/guide/sslgd.html

You want to install 1 cert/key pair per domain.  If you have a multi-domain or wildcard cert, you may need less.

The easiest way to install single certificates is to use the terminal and cut-paste them into the screen:

host1/Admin# crypto import terminal MYCERT.PEM

Enter PEM formatted data ending with a blank line or "quit" on a line 
by itself


--------BEGIN CERTIFICATE-----------------------


MIIC1DCCAj2gAwIBAgIDCCQAMA0GCSqGSIb3DQEBAgUAMIHEMQswCQYDVQQGEwJa


QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAb


BgNVBAoTFFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0


aW9uIFNlcnZpY2VzIERpdmlzaW9uMRkwFwYDVQQDExBUaGF3dGUgU2VydmVyIENB


MSYwJAYJKoZIhvcNAQkBFhdzZXJ2ZXItY2VydHNAdGhhd3RlLmNvbTAeFw0wMTA3


-----------END CERTIFICATE------------------------


quit

The easiest way to import many at once is to use the SFTP bulk import:

host1/Admin# crypto import bulk sftp 1.1.1.1 JOESMITH /USR/SSLFiles/*.PEM


Initiating bulk import. Please wait, it might take a while...


Connecting to 1.1.1.1...


Password: password


...


Bulk import complete. Summary:


Network errors:                                                        0


Bad file URL: 0


Specified local files already exists:                                                       0


Invalid file names:                                                        1


Failed reading remote files:                                                        5


Failed reading local files:                                                        0


Failed writing local files:                                                        0


Other errors:                                                        0


Successfully imported: 16                                                       10


host1/Admin#

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card