cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

741
Views
0
Helpful
4
Replies
Willnetwork
Beginner

Configure CA Server - Nexus 9k

Is it possible to configure my Nexus 9k to be a CA server? If so, please provide configuration guide link/URL.

 

Thank you!

1 ACCEPTED SOLUTION

Accepted Solutions

Lets discuss facts here, Most of DC envronment have CA/ PKI full infrastructure availble, most time this is good to in Lab environment to be deployed as testing.

 

But personally i do not suggested in production environment Switch ACT CA/PKI Server, rather i get simple Pi or any Linux box act as PKI Server

 

or if you have ISE can do the job most of the cisco environment.

 

yes - i provided the information so you understand correctly before we put in  live environment.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

View solution in original post

4 REPLIES 4

balaji,

 

Thank you for the quick reply!

 

After reading the documentation you posted, it looks like the NX-OS doesn't support the ability to configure the Nexus 9k as a CA Server. The documentation you provided explains how to configure trusted CAs but the ability to configure the Nexus 9k as an actual CA server that would allow me to issue/sign certificates.

 

Do you agree?

 

v/r

Willnetwork 

Lets discuss facts here, Most of DC envronment have CA/ PKI full infrastructure availble, most time this is good to in Lab environment to be deployed as testing.

 

But personally i do not suggested in production environment Switch ACT CA/PKI Server, rather i get simple Pi or any Linux box act as PKI Server

 

or if you have ISE can do the job most of the cisco environment.

 

yes - i provided the information so you understand correctly before we put in  live environment.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

View solution in original post

Balaji,

 

Again, thank you for your reply!

Our SysAdmin will deploy a CA/PKI server on a Windows 2019 server (within our server farm) and it will server as our long-term PKI solution for the infrastructure.

I was hoping to configure my Nexus 9k L3 switches as a CA/PKI server only as a temporary solution for testing purposes, but unfortunately this doesn't seem possible.

Again, thank you for all the useful information and replies.  

 

v/r

Willnetwork