cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
762
Views
0
Helpful
0
Replies

Crypto PKI CERTIFICATE POOL (WS-C2960X-24TS-L)

Damon M.
Level 1
Level 1

Hi all!

 

I've got a question about the mentioned title subject.

 

I've done a reset on a switch of ours ; WS-C2960X-24TS-L, so i can start all over again and after i configured my username, domain name and host name i did a quick sh running-config to check and came across the following lines :

 

 

crypto pki certificate pool
 certificate ca 01
  30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
  32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363
  6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934
XXXXXXXX
        quit
 certificate ca 0509
  308205B7 3082039F A0030201 02020205 09300D06 092A8648 86F70D01 01050500
  3045310B 30090603 55040613 02424D31 19301706 0355040A 13105175 6F566164
  6973204C 696D6974 6564311B 30190603 55040313 1251756F 56616469 7320526F
  6F742043 41203230 1E170D30 36313132 34313832 3730305A 170D3331 31313234
XXXXXXXXX
        quit
 certificate ca 083BE056904246B1A1756AC95991C74A
  308203AF 30820297 A0030201 02021008 3BE05690 4246B1A1 756AC959 91C74A30
  0D06092A 864886F7 0D010105 05003061 310B3009 06035504 06130255 53311530
  13060355 040A130C 44696769 43657274 20496E63 31193017 06035504 0B131077
  77772E64 69676963 6572742E 636F6D31 20301E06 03550403 13174469 67694365
XXXXXXXX
        quit
 certificate ca 18DAD19E267DE8BB4A2158CDCC6B3B4A
  308204D3 308203BB A0030201 02021018 DAD19E26 7DE8BB4A 2158CDCC 6B3B4A30
  0D06092A 864886F7 0D010105 05003081 CA310B30 09060355 04061302 55533117
 XXXXXXX
        quit
 certificate ca 01
  308201CC 30820152 A0030201 02020101 300A0608 2A8648CE 3D040303 302C310E
  300C0603 55040A13 05436973 636F311A 30180603 55040313 11436973 636F2045
 XXXXXXXX
        quit
 certificate ca 019A335878CE16C1C1
  30820321 30820209 A0030201 02020901 9A335878 CE16C1C1 300D0609 2A864886
  F70D0101 0B050030 2D310E30 0C060355 040A1305 43697363 6F311B30 19060355
  04031312 43697363 6F20526F 6F742043 41203230 39393020 170D3136 30383039
  32303538 32385A18 0F323039 39303830 39323035 3832385A 302D310E 300C0603
XXXXXX
quit

XXXX indication the rest of lines, there were a lot of them.

 

My question('s) : What does it do? Can i delete them?

 

I have already done a crypto zeorize command but it seems it is not entirely linked with each other?

 

Thanks in advance for your time!

 

Greetings

Damon

 

UPDATE 1 : so i kinda found out what it does/what its used for but so far i know i dont use any services that uses those certificates.
In the meanwhile i did create a crypto key for remote control to SSH but i've configured multiple switches and this is the only switch with those certificates in it.

 

I've googled how to remove it but all they say is something about self-signed certificates but that does not appear in my sh running-config.

0 Replies 0
Review Cisco Networking for a $25 gift card