03-06-2009 12:36 AM - edited 03-06-2019 04:25 AM
all,
can someone help me remove these lines on our 2800 router. i believe this was generated when i put the command 'ip http secure-server' and then it generated 1024 bit crypto key.
crypto pki trustpoint TP-self-signed-1600565986
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1600565986
revocation-check none
rsakeypair TP-self-signed-1600565986
!
!
crypto pki certificate chain TP-self-signed-1600565986
certificate self-signed 01
30820252 308201BB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31363030 35363539 3836301E 170D3039 30333036 30383130
35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36303035
36353938 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100BEAB AE0507DC 315D79DE F137B357 56AACF67 E4FEDF14 A1A25902 BFD2E3AD
FF1D44F5 3F9903AB 5D2B0E4B D0B9FF57 F70A45A0 A0920A06 D2B19000 6DABE4BE
B7D64F89 5559EA89 4A12B8EA E0D6621C 340CAD3E F4FBD717 A9CDBEEA C5B256CE
98829FFE 02681000 27669516 EE934895 DC9455BA B6347FAE 3DC6F4E5 DE641299
AA190203 010001A3 7A307830 0F060355 1D130101 FF040530 030101FF 30250603
551D1104 1E301C82 1A475250 54583238 2D30312E 68617274 652D6861 6E6B732E
636F6D30 1F060355 1D230418 30168014 FCFE2322 230FC742 FA9504AF 28153FAC
D88E9C5F 301D0603 551D0E04 160414FC FE232223 0FC742FA 9504AF28 153FACD8
8E9C5F30 0D06092A 864886F7 0D010104 05000381 81000BC8 1AF70C08 9A085A9D
9A49930B 039462B1 033707E0 AC3D1FC5 E3165931 3C848B8A 53AB093F 85744F6E
19D2AAEE B900A493 C93BD508 C4BE50B0 84273D65 D1C97F84 2D97AA31 CCE10071
F7A93AE2 24036F71 99E510BE E900B552 3840AEBB 27BEA81D B084EC89 8278B9C1
C7A6A7B6 8FBFA664 490DACCF 6AB66687 83E12302 9DD3
quit
Solved! Go to Solution.
03-06-2009 01:13 AM
Hi
You are correct, ip http secure-server generated this.
If you want to remove these lines, then you just need to remove the trustpoint
router(config)#no crypto pki trustpoint TP-self-signed-1600565986
03-06-2009 01:13 AM
Hi
You are correct, ip http secure-server generated this.
If you want to remove these lines, then you just need to remove the trustpoint
router(config)#no crypto pki trustpoint TP-self-signed-1600565986
03-06-2009 01:18 AM
AS a side note, you may want to remove the rsa key that was generated aswell.
View the key with the command
test#show crypto key mypubkey rsa
Key name: TP-self-signed-4294967295
Usage: General Purpose Key
Key is not exportable.
Key Data:
30819F30 0D06092A 864886F7 0D010101 05000381 8D003081 89028181 00B916D7
2B85842B 93107D66 D17ED68F BD6F8D2E 448FE02D 846B0C67 89ACDA69 CA7D46A9
149092FC 399E3EA1 01B708BA D8C191AA 6A34ED30 4D110782 10A1EDCB 1CCDB024
046EBC03 78F2A995 344BFB62 C2031435 B9A97BA7 A0DF38E0 B93B2FE3 61FA1772
67D85921 4559AC1D 53BD365F BC71AE16 9AC5A0C2 BADACDD8 5D476B7B 55020301 0001
and then clear it with the command
test(config)#crypto key zeroize rsa TP-self-signed-4294967295
% Keys to be removed are named named 'TP-self-signed-4294967295'.
% All router certs issued using these keys will also be removed.
Do you really want to remove these keys? [yes/no]: yes
03-06-2009 01:52 AM
thanks for your help! :-)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide