cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
965
Views
0
Helpful
1
Replies

NX-OS PKI SHA2 CSR

Andrew Devine
Level 1
Level 1

Hi,

For our production implementation of Cisco Nexus Data Broker on Nexus 3100 series switches we are using centralised mode and OpenFlow.  In order to secure the connection between the controller and switch we require TLS and the use of our enterprise PKI.  Our PKI supports only SHA2 certificates and has specific requirements for fields to be included in the CSR.

 

Creating the CSR on within NX-OS provides extremely limited options and all requests are SHA-1.  SHA-1 was officially deprecated by NIST in 2011 yet I see no way of using SHA2 certificates with NX-OS.

I thought of creating the certificate using openssl and then importing in PKCS#12 Format, but not sure whether that will work?   Any thoughts?

Cheers,

Andrew

1 Reply 1

Andrew Devine
Level 1
Level 1

Solved this by enabling bash and using openssl, then importing a pcks12 file

 

Review Cisco Networking for a $25 gift card