Cisco Systems 6500 manual Key nametest-keys UsageGeneral Purpose Key

Page 44

Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module

crypto key export rsa pem

Examples

This example shows how to export a key from the SSL Services Module:

ssl-proxy(config)#crypto key export rsa test-keys pem url scp: 3des password

%Key name:test-keys Usage:General Purpose Key

Exporting public key...

Address or name of remote host []? 7.0.0.7

Destination username [ssl-proxy]? lab

Destination filename [test-keys.pub]?

Password:

Writing test-keys.pub Writing file to scp://lab@7.0.0.7/test-keys.pub

Password:

!

Exporting private key...

Address or name of remote host []? 7.0.0.7

Destination username [ssl-proxy]? lab

Destination filename [test-keys.prv]?

Password:

Writing test-keys.prv Writing file to scp://lab@7.0.0.7/test-keys.prv Password:

ssl-proxy(config)#

Catalyst 6500 Series Switch SSL Services Module Command Reference

2-18

OL-9105-01

 

 

Image 44
Contents Corporate Headquarters Text Part Number OL-9105-01Page N T E N T S IiiNatpool Acronyms A-1 OL-9105-01 Audience OrganizationRelated Documentation Chapter Title DescriptionConventions Convention DescriptionBoldface font Example, interface interface typeObtaining Documentation Cisco.comDocumentation Feedback Cisco Product Security OverviewReporting Security Problems in Cisco Products Obtaining Technical AssistanceSubmitting a Service Request XiiObtaining Additional Publications and Information XiiiXiv Getting Help This chapter includes the following sectionsHow to Find Command Options Command Comment Must enter next on the command line Mode keywordAfter you enter the mode keyword Complete the command. If additionalUnderstanding Command Modes Command Mode Access Method Prompt Exit MethodConfigure terminal privileged Exec Configure terminalUsing the No and Default Forms of Commands Interface commandImage using the boot system flash filename With an interfaceUsing the CLI String Search Character Special Meaning\$ \ \+ AeiouAbcdABCD DA-DTelebit 3107 v32bis CharacterBa?b This string matches any number of asterisksZa-z0-9+ Codex telebitAbcd $\.12For example 13001300$ 1300space space1300 1300, ,1300, 1300 ,1300 WithOL-9105-01 A P T E R Defaults Command Modes Command HistoryClear ssl-proxy conn Release ModificationClear ssl-proxy content Defaults Command Modes Command HistoryClear ssl-proxy session Usage GuidelinesClear ssl-proxy stats Ssl-proxy#clear ssl-proxy stats Crypto pki export pem TerminalDes 3desRelated Commands Crypto pki import pemDefaults Command History Crypto pki import pemExportable Usage-keysCrypto pki export pem Crypto pki export pkcs12 This example shows how to export a PKCS12 file using SCP Crypto pki import pkcs12 Crypto This example shows how to import a PKCS12 file using SCPFilename TP2? /users/admin-1/pkcs12/TP2.p12 Crypto key decrypt rsa Name key-namePassphrase passphrase Crypto key encrypt rsaCrypto key lock rsa Crypto key encrypt rsaCrypto key decrypt rsa Optional Specifies that the key can be exported Crypto key export rsa pemKeylabel Name of the key Key nametest-keys UsageGeneral Purpose Key Crypto key import rsa pem Instead of one general-purpose key pairNull-Imports from the null file system System-Imports from the system file systemPEM-formatted RSA key to the SSL Services Module Crypto key lock rsa Crypto key lock rsa name key-namepassphrase passphraseName key-name Optional Name of the key Passphrase passphraseCrypto key unlock rsa Crypto key unlock rsa name key-namepassphrase passphraseDebug ssl-proxy Command History Release Modification This example shows how to turn on App debugging Configuration mode Do commandCommand EXEC-level command to be executed Syntax Description Syntax Description Defaults Command Modes Command HistoryInterface ssl-proxy Standby authentication Standby delay minimum reloadStandby timers Standby ipSsl-proxy config# interface ssl-proxy Ssl-proxyconfig-subif#ip address 208.59.100.18Context subcommand mode This example shows how to define a pool of IP addressesNatpool Natpool nat-pool-name startipaddr endipaddr netmask netmaskSyntax Description Defaults Command Modes Policy health-probe tcpInterval seconds Failed-interval secondsOpen-timeout seconds Ssl-proxyconfig#ssl-proxy context sslSsl-proxyconfig-context#policy health-probe tcp probe1 Running on server IP addressPage Policy http-header Client-cert pemAlias Policy that is applied to the payloadField To Insert Description Client-cert pem Client-ip-port Custom custom-stringInserts the custom-stringheader into the Http header PrefixRelated Commands show ssl-proxy policy SSL-OFFLOAD-SOFTWARE VERSION3.11Close-protocol is disabled Session-caching is enabledTimeout session timeout absolute Policy sslSSL-Policy Configuration Submode Command Descriptions Renegotiation volume size Timeout handshake timeoutHelp Renegotiation interval timeOL-9105-01 This example shows how to enable a session cache This example shows how to disable a session cacheOL-9105-01 Policy tcp Delayed-ack-threshold delay Delayed-ack-timeout timerNo timeout fin-wait timeout-in-seconds No timeout inactivity timeout-in-secondsNo timeout reassembly time Form of this command to return to the default settingNo tos carryover Server to client connection, the server connection must beSsl-proxy config-ctx-tcp-policy# mss Policy url-rewrite Ssl-proxyconfig-context#ssl-proxy policy url-rewrite test1 RedirectonlyCa-pool-name Certificate authority pool name Pool caPool ca ca-pool-name Service Authenticate verify all signature-only Default certificate inservice nat serverInservice Certificate rsa general-purpose trustpointVlan vlan Virtual policy ssl ssl-policy-nameVirtual policy tcp Related Commands show ssl-proxy service Service client Policy health-probe tcp Policy http-headerNat server client natpool-name Virtual policy ssl ssl-policy-nameVirtual policy tcp Vlan vlanSsl-proxy config-ctx-ssl-proxy# server policy tcp tcppl1 Show interfaces ssl-proxy Show interfaces ssl-proxy 0.subinterfacePolicy tcp Show ionterfacesThis command has no default settings Show ssl-proxy buffersShow ssl-proxy buffers Ssl-proxy#show ssl-proxy buffersShow ssl-proxy certificate-history service name Service nameSpecific proxy service Show ssl-proxy certificate-historySsl-proxy# show ssl-proxy certificate-history Record 1, Timestamp000051, 163634 UTC Oct 31Related Commands service Show ssl-proxy conn 4tupleLocal RemoteContext name Module module Ssl-proxy#show ssl-proxy conn200.200.1438814 58796 Context Default Show ssl-proxy contextShow ssl-proxy context name Name Optional Name of the contextShow ssl-proxy crash-info Show ssl-proxy crash-info brief detailsBrief DetailsStack top Printing 1024 bytes from stack top Ssl-proxy#show ssl-proxy crash-info briefSsl-proxy#show ssl-proxy mac address Show ssl-proxy mac addressShow ssl-proxy mac address Show ssl-proxy natpool Show ssl-proxy natpool namecontext nameContext name NatpoolShow ssl-proxy policy Health-probe tcpHttp-header Url-rewriteSsl-proxy#show ssl-proxy policy ssl ssl-policy1 Ssl-proxy#show ssl-proxy policy tcp tcp-policy1Ssl-proxy#show ssl-proxy policy health-probe tcp tcp-health Show ssl-proxy service Show ssl-proxy service namecontext nameSsl-proxy#show ssl-proxy service Ssl-proxy#show ssl-proxy service S6Service client Show ssl-proxy stats type ContentShow ssl-proxy stats Stats This example shows how to display the TCP statistics This example shows how to display the PKI statisticsSsl-proxy# show ssl-proxy stats hdr This example shows how to display context statisticsSsl-proxy#show ssl-proxy stats context Context name Default This example shows how to display content statistics Ssl-proxy#show ssl-proxy stats contentShow ssl-proxy status Show ssl-proxy statusShow ssl-proxy status fdu ssl tcp TCP cpu is alive Ssl-proxy#show ssl-proxy version Show ssl-proxy versionShow ssl-proxy version Show ssl-proxy vlan Show ssl-proxy vlan vlan-iddebugmodule moduleDebug Optional Displays debug informationSnmp-server enable Defaults Command Modes Command History ExamplesCommand Purpose and Guidelines Defaults Ssl-proxy contextSsl-proxy context name No ssl-proxy context name Description descriptionPolicy ssl policy-name Policy tcp policy-namePolicy url-rewrite policy-name Pool ca nameSeconds Global configuration This example shows how to start a cryptographic self-testSsl-proxy crypto selftest Time-intervalThis example shows how to configure a MAC address Related Commands show ssl-proxy mac addressSsl-proxy config# ssl-proxy mac address 00e0.b0ff.f232 Ssl-proxy mac addressSsl-proxy pki Related Commands show ssl-proxy stats This example shows how to specify the cache sizeThis example shows how to enable PKI event-history Ssl-proxy crypto key unlock rsa Key-name Name of the key Passphrase Pass phraseTime is 6 seconds Global configuration Ssl-proxyconfig#ssl-proxy ip-frag-ttlSsl-proxy ip-frag-ttl Ssl-proxy ip-frag-ttl timeSsl-proxy config# ssl-proxy ssl ratelimit Ssl-proxy config# no ssl-proxy ssl ratelimitSsl-proxy ssl ratelimit Ssl-proxy ssl ratelimit No ssl-proxy ssl ratelimitStandby authentication Group-number is String is ciscoStandby delay minimum reload Min-delay is 1 second Reload-delay is 5 secondsSsl-proxyconfig-subif#standby delay minimum 30 reload Show standby delaySsl-proxyconfig#interface ssl-proxy Defaults Command Modes Command History Usage Guidelines Standby ipSecondary Group-number isUsed by the hot standby group is learned using Hsrp 100Standby mac-address Standby group-numbermac-addressmac-addressNo standby group-numbermac-address Mac-address MAC addressSsl-proxyconfig-subif#standby 1 mac-address That is used in the end nodesShow standby 102103 Standby mac-refreshStandby mac-refresh seconds no standby mac-refresh Hsrp is disabled Standby nameStandby name group-name No standby name group-name Group-name Name of the standby groupStandby preempt 105Operation returns to the default behavior Leaves any synchronization delay if it was configuredClients To become the active routerStandby priority Standby group-numberpriority priorityNo standby group-numberpriority priority Group-number is Priority isThis example shows how to change the router priority 108Standby redirects 109Related Commands show standby Ssl-proxyconfig-subif#standby redirects timers 90Show standby redirect 110Standby timers MsecOptional Specifies the interval in milliseconds 111112 Standby track Decrement priorityOr comes back up 113Router a Configuration Router B ConfigurationRelated Commands standby preempt 114Standby use-bia Standby use-bia scope interface no standby use-biaScope interface On which it was entered, instead of the major interfaceThis example shows how to configure Hsrp version Standby versionStandby version 1 Specifies Hsrp versionAcronym Expansion Cbac CCACDP CEFDram DsapDscp DspuICD IcmpIDB IDPMD5 MdixMdss MFDOSI OSMOspf PAERmon ROMRommon RPCSTP SVCSVI TACACS+Weighted round-robin WRRXNS Xerox Network SystemOL-9105-01 Acknowledgments for Open-Source Software OL-9105-01 # character privileged Exec mode prompt Asterisk + plus sign Period ? command Caret$ character IN-1IN-2 IN-3 IN-4 TCP IN-5Configuration submode User Exec mode, summary IN-6
Related manuals
Manual 20 pages 62.17 Kb Manual 112 pages 18.84 Kb Manual 262 pages 31.67 Kb