Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
1
Replies

Restoring Configuration of an SSL Module

v.kreisel
Level 1
Level 1

‎07-25-2005 09:26 PM

I would like to write a document

about config restore of an C6K SSL module. Restoring the saved

running-config is not enough.

Key pairs have to be imported manually. (crypto key import ...).

SSL certificates using those keys are included in the running config but "ssl-proxy- services" using those keys/ceritificates are not working after restore of saved

running-config.

Are there any experiences regarding this issue in the field ?

Labels:
0 Helpful
1 Reply 1

smahbub
Level 6
Level 6

‎07-29-2005 11:38 AM

Although there is no specific documented process for correctly backing up certificates and config and restoring, saving your SSL config is documented at the following link:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a00801f33c6.html#wp1164534

To backup, just change the destination to a non-local filesystem. Such as:

copy system:running-config ftp:sslmconfig

Since private keys aren't copied when this is done, it's suggested to back up key pairs and the associated certificate chain by exporting each trustpoint to a PKCS12 file. This is detailed here:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a00801f33c6.html#wp1091575

Hope this helps.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card