11-18-2022 11:10 AM
I'm trying to import a third-party SSL certificate and its private key for use with VPN and HTTPS on a ISR 1100 router. I've created trust points for the CA and intermediates. I think I've got everything nearly ready. However, one thing is really blocking progress. I simply can't import the certificate and its private key. Below is what I was trying and many variations on this.
The keys have been edited for obvious reasons.
I've tried a none encrypted private key and plenty variations of encryption and passwords to see if the pair will import. I just keep getting this import failed status = 10 failure. But that's not really telling me anything. I've done a lot of searches but so far no solutions. I've chcked the key pair many times and they are perfectly fine.
Anyone have an idea?
Router#
Router#crypto key import rsa VPN terminal password
% Enter PEM-formatted public General Purpose key or certificate.
% End with a blank line or "quit" on a line by itself.
-----BEGIN CERTIFICATE-----
MIIHljCCBX6gAwIBAgIQC5tMYW2nOFjAUT/HOPqK1TANBgkqhkiG9w0BAQsFADBc
tQeFpCYCWkHVSJd/+99pm/i5GHDaGdGwYfM=
-----END CERTIFICATE-----
% Enter PEM-formatted encrypted private General Purpose key.
% End with "quit" on a line by itself.
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIt08d4tmHLVwCAggA
3PHqAvld48IhpfxGuVAqzA==
-----END ENCRYPTED PRIVATE KEY-----
quit
% Key pair import failed. status = 10
Router#
11-19-2022 04:38 AM
check below thread :
https://community.cisco.com/t5/routing/import-rsa-keys-for-ssh/td-p/1134536
11-20-2022 01:57 AM
Sadly, that link is broken.
11-20-2022 02:27 AM
it works for me though.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide