cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
2503
Views
0
Helpful
1
Replies
Mohammad Ali
Frequent Contributor

Removing self signed certificate

Is this a best pratice to leave these on the switch?  I do use ssh to manage the switch but I don't think these are needed for that purpose.  Any security concerns?

crypto pki trustpoint TP-self-signed-xxxxxxxxxxxx

!

crypto pki certificate chain TP-self-signed-xxxxxxxxxxx

1 ACCEPTED SOLUTION

Accepted Solutions
Karsten Iwen
VIP Mentor

From a security-standpoint, each function that you don't need should be disabled. As you don't need the certificates for SSH you can delete them. If you later decide to use HTTPS then you can add your own enterprise-generated certificate or generate new self-signed certificates.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post

1 REPLY 1
Karsten Iwen
VIP Mentor

From a security-standpoint, each function that you don't need should be disabled. As you don't need the certificates for SSH you can delete them. If you later decide to use HTTPS then you can add your own enterprise-generated certificate or generate new self-signed certificates.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post