How to remove a key-string certificate for crypto map?

wasimakram195881 · ‎06-01-2016

Hi Friends,

Want to know how to remove a key-string which is configured within the command " crypto key pubkey-chain rsa " in a router.

I dont have to add any other key certificates.

Just got a decommission task of removing the crypto configuration and the crypto key.

Awaiting for your helpful replies.thanks.

Aditya Ganjoo · ‎06-01-2016

Hi,

Please use the command:

crypto key zeroize rsa

Regards,

Aditya

Please rate helpful posts and mark correct answers.

wasimakram195881 · ‎06-01-2016

Hi Aditya,

Thanks for the reply.

The command you suggested is to remove the complete crypto key pubkey-chain rsa and all the addresses associated.

But my query is to remove only one address and its associated key string.

Please suggest how to remove the key-string which contains somewhat 20-30 hexadecimal numbers certificates types.

Aditya Ganjoo · ‎06-01-2016

Hi,

You can use this command:

SWITCH(config)#crypto key zeroize ?
ec Remove EC keys
pubkey-chain Remove peer's cached public key
rsa Remove RSA keys
<cr>

SWITCH(config)#crypto key zeroize rsa
SWITCH(config)#crypto key zeroize rsa ?
WORD keypair label
<cr>

SWITCH(config)#cry key zeroize pubkey-chain ?
<1-65535> Public key index
<cr>

Regards,

Aditya

Please rate helpful posts and mark correct answers.

wasimakram195881 · ‎06-01-2016

Hi Aditya,

As per your commands the key string option is not showing.

Could you try like below:

R#conf t

R(conft)#crypto key pubkey-chain rsa

R(conf-crypto)#key string ?

The problem is i dont have write access . I have to prepare the config and someone else from vendor will implement it.