11-27-2014 05:55 AM
I am upgrading a router from a Cisco 1800 to Cisco 2900. The Cisco 1800 currently has SSL VPN with a godaddy Trustpoint and cert. Can I export the cert from the 1800 to the 2900 and it work...or is the Cert tied to the 1800 and will not work on the 2900!
11-27-2014 08:32 AM
Certificate might not be enough. You'd also need your private key.
So it might depend whether the RSA key is exportable or not.
Look into pkcs12 export and import.
11-27-2014 10:09 PM
Based on my research, if the router has IOS release 12.2(15)T and newer, you can use the exportable keyword to export the keypair.
If the router has 12.3(4)T and newer, you can use the exportable and pem key workds to export both the cert and the keypair. I think this would be the easiest to do, am i understanding this correctly?
How can I tell if the tech before me used the exportable keyword or not?
11-28-2014 12:28 AM
Spoke1#sh crypto key mypubkey rsa % Key pair was generated at: 09:26:35 CET Nov 28 2014 Key name: TEST Key type: RSA KEYS Storage Device: not specified Usage: General Purpose Key Key is exportable.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide