Cisco Systems 6500 manual Ssl-proxy# show ssl-proxy certificate-history

Page 88

Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module

show ssl-proxy certificate-history

Examples

This example shows how to display the event history of all the certificate processing:

 

ssl-proxy#show ssl-proxy certificate-history

 

Record 1, Timestamp:00:00:51, 16:36:34 UTC Oct 31 2002

Installed Server Certificate, Index 5

Proxy Service:s1, Trust Point:t3

Key Pair Name:k3, Key Usage:RSA General Purpose, Exportable

Time of Key Generation:12:27:58 UTC Oct 30 2002

Subject Name:OID.1.2.840.113549.1.9.2 = simpson5-2-ste.cisco.com, OID.1.2.840.113549.1.9.8 = 207.79.1.9, OID.2.5.4.5 = B0FFF235

Issuer Name:CN = SimpsonTestCA, OU = Simpson Lab, O = Cisco Systems, L = San Jose, ST = CA, C = US, EA =<16> simpson-pki@cisco.com

Serial Number:5D3D1931000100000D99

Validity Start Time:21:58:12 UTC Oct 30 2002 End Time:22:08:12 UTC Oct 30 2003

Renew Time:00:00:00 UTC Jan 1 1970 End of Certificate Record

Record 2, Timestamp:00:01:06, 16:36:49 UTC Oct 31 2002 Installed Server Certificate, Index 6

Proxy Service:s5, Trust Point:t10

Key Pair Name:k10, Key Usage:RSA General Purpose, Exportable Time of Key Generation:07:56:43 UTC Oct 11 2002

Subject Name:CN = host1.cisco.com, OID.1.2.840.113549.1.9.2 = simpson5-2-ste.cisco.com, OID.1.2.840.113549.1.9.8 = 207.79.1.9, OID.2.5.4.5 = B0FFF235

Issuer Name:CN = SimpsonTestCA, OU = Simpson Lab, O = Cisco Systems, L = San Jose, ST

=CA, C = US, EA =<16> simpson-pki@cisco.com Serial Number:24BC81B7000100000D85

Validity Start Time:22:38:00 UTC Oct 19 2002

End Time:22:48:00 UTC Oct 19 2003

Renew Time:00:00:00 UTC Jan 1 1970

End of Certificate Record

Record 3, Timestamp:00:01:34, 16:37:18 UTC Oct 31 2002 Installed Server Certificate, Index 7

Proxy Service:s6, Trust Point:t10

Key Pair Name:k10, Key Usage:RSA General Purpose, Exportable Time of Key Generation:07:56:43 UTC Oct 11 2002

Subject Name:CN = host1.cisco.com, OID.1.2.840.113549.1.9.2 = simpson5-2-ste.cisco.com, OID.1.2.840.113549.1.9.8 = 207.79.1.9, OID.2.5.4.5 = B0FFF235

Issuer Name:CN = SimpsonTestCA, OU = Simpson Lab, O = Cisco Systems, L = San Jose, ST

=CA, C = US, EA =<16> simpson-pki@cisco.com Serial Number:24BC81B7000100000D85 Validity Start Time:22:38:00 UTC Oct 19 2002 End Time:22:48:00 UTC Oct 19 2003

Renew Time:00:00:00 UTC Jan 1 1970

End of Certificate Record

Record 4, Timestamp:00:01:40, 16:37:23 UTC Oct 31 2002 Deleted Server Certificate, Index 0

Proxy Service:s6, Trust Point:t6

Key Pair Name:k6, Key Usage:RSA General Purpose, Not Exportable Time of Key Generation:00:28:28 UTC Mar 1 1993

Subject Name:CN = host1.cisco.com, OID.1.2.840.113549.1.9.2 = simpson5-2-ste.cisco.com, OID.1.2.840.113549.1.9.8 = 207.79.1.8, OID.2.5.4.5 = B0FFF235

Issuer Name:CN = SimpsonTestCA, OU = Simpson Lab, O = Cisco Systems, L = San Jose, ST

=CA, C = US, EA =<16> simpson-pki@cisco.com Serial Number:5CB5CFD6000100000D97

Validity Start Time:19:30:26 UTC Oct 30 2002

End Time:19:40:26 UTC Oct 30 2003

Renew Time:00:00:00 UTC Jan 1 1970

End of Certificate Record

%Total number of certificate history records displayed = 4 ssl-proxy#

Catalyst 6500 Series Switch SSL Services Module Command Reference

2-62

OL-9105-01

 

 

Page 87 Page 89
Image 88
Page 87 Page 89
Contents Corporate Headquarters Text Part Number OL-9105-01Page N T E N T S IiiNatpool Acronyms A-1 OL-9105-01 Audience OrganizationRelated Documentation Chapter Title DescriptionConventions Convention DescriptionBoldface font Example, interface interface typeObtaining Documentation Cisco.comDocumentation Feedback Cisco Product Security OverviewReporting Security Problems in Cisco Products Obtaining Technical AssistanceSubmitting a Service Request XiiObtaining Additional Publications and Information XiiiXiv Getting Help This chapter includes the following sectionsHow to Find Command Options Command Comment Must enter next on the command line Mode keywordAfter you enter the mode keyword Complete the command. If additionalUnderstanding Command Modes Command Mode Access Method Prompt Exit MethodConfigure terminal privileged Exec Configure terminalUsing the No and Default Forms of Commands Interface commandImage using the boot system flash filename With an interfaceUsing the CLI String Search Character Special Meaning\$ \ \+ AeiouAbcdABCD DA-DTelebit 3107 v32bis CharacterBa?b This string matches any number of asterisksZa-z0-9+ Codex telebitAbcd $\.12For example 13001300$ 1300space space1300 1300, ,1300, 1300 ,1300 WithOL-9105-01 A P T E R Defaults Command Modes Command HistoryClear ssl-proxy conn Release ModificationClear ssl-proxy content Defaults Command Modes Command HistoryClear ssl-proxy session Usage GuidelinesClear ssl-proxy stats Ssl-proxy#clear ssl-proxy stats Crypto pki export pem TerminalDes 3desRelated Commands Crypto pki import pemDefaults Command History Crypto pki import pemExportable Usage-keysCrypto pki export pem Crypto pki export pkcs12 This example shows how to export a PKCS12 file using SCP Crypto pki import pkcs12 Filename TP2? /users/admin-1/pkcs12/TP2.p12 This example shows how to import a PKCS12 file using SCPCrypto Crypto key decrypt rsa Name key-namePassphrase passphrase Crypto key encrypt rsaCrypto key decrypt rsa Crypto key encrypt rsaCrypto key lock rsa Keylabel Name of the key Crypto key export rsa pemOptional Specifies that the key can be exported Key nametest-keys UsageGeneral Purpose Key Crypto key import rsa pem Instead of one general-purpose key pairNull-Imports from the null file system System-Imports from the system file systemPEM-formatted RSA key to the SSL Services Module Crypto key lock rsa Crypto key lock rsa name key-namepassphrase passphraseName key-name Optional Name of the key Passphrase passphraseCrypto key unlock rsa Crypto key unlock rsa name key-namepassphrase passphraseDebug ssl-proxy Command History Release Modification This example shows how to turn on App debugging Command EXEC-level command to be executed Do commandConfiguration mode Interface ssl-proxy Syntax Description Defaults Command Modes Command HistorySyntax Description Standby authentication Standby delay minimum reloadStandby timers Standby ipSsl-proxy config# interface ssl-proxy Ssl-proxyconfig-subif#ip address 208.59.100.18Context subcommand mode This example shows how to define a pool of IP addressesNatpool Natpool nat-pool-name startipaddr endipaddr netmask netmaskSyntax Description Defaults Command Modes Policy health-probe tcpInterval seconds Failed-interval secondsOpen-timeout seconds Ssl-proxyconfig#ssl-proxy context sslSsl-proxyconfig-context#policy health-probe tcp probe1 Running on server IP addressPage Policy http-header Client-cert pemAlias Policy that is applied to the payloadField To Insert Description Client-cert pem Client-ip-port Custom custom-stringInserts the custom-stringheader into the Http header PrefixRelated Commands show ssl-proxy policy SSL-OFFLOAD-SOFTWARE VERSION3.11Close-protocol is disabled Session-caching is enabledTimeout session timeout absolute Policy sslSSL-Policy Configuration Submode Command Descriptions Renegotiation volume size Timeout handshake timeoutHelp Renegotiation interval timeOL-9105-01 This example shows how to enable a session cache This example shows how to disable a session cacheOL-9105-01 Policy tcp Delayed-ack-threshold delay Delayed-ack-timeout timerNo timeout fin-wait timeout-in-seconds No timeout inactivity timeout-in-secondsNo timeout reassembly time Form of this command to return to the default settingNo tos carryover Server to client connection, the server connection must beSsl-proxy config-ctx-tcp-policy# mss Policy url-rewrite Ssl-proxyconfig-context#ssl-proxy policy url-rewrite test1 RedirectonlyPool ca ca-pool-name Pool caCa-pool-name Certificate authority pool name Service Authenticate verify all signature-only Default certificate inservice nat serverInservice Certificate rsa general-purpose trustpointVirtual policy tcp Virtual policy ssl ssl-policy-nameVlan vlan Related Commands show ssl-proxy service Service client Policy health-probe tcp Policy http-headerNat server client natpool-name Virtual policy ssl ssl-policy-nameVirtual policy tcp Vlan vlanSsl-proxy config-ctx-ssl-proxy# server policy tcp tcppl1 Show interfaces ssl-proxy Show interfaces ssl-proxy 0.subinterfacePolicy tcp Show ionterfacesThis command has no default settings Show ssl-proxy buffersShow ssl-proxy buffers Ssl-proxy#show ssl-proxy buffersShow ssl-proxy certificate-history service name Service nameSpecific proxy service Show ssl-proxy certificate-historySsl-proxy# show ssl-proxy certificate-history Record 1, Timestamp000051, 163634 UTC Oct 31Related Commands service Show ssl-proxy conn 4tupleLocal RemoteContext name Module module Ssl-proxy#show ssl-proxy conn200.200.1438814 58796 Context Default Show ssl-proxy contextShow ssl-proxy context name Name Optional Name of the contextShow ssl-proxy crash-info Show ssl-proxy crash-info brief detailsBrief DetailsStack top Printing 1024 bytes from stack top Ssl-proxy#show ssl-proxy crash-info briefShow ssl-proxy mac address Show ssl-proxy mac addressSsl-proxy#show ssl-proxy mac address Show ssl-proxy natpool Show ssl-proxy natpool namecontext nameContext name NatpoolShow ssl-proxy policy Health-probe tcpHttp-header Url-rewriteSsl-proxy#show ssl-proxy policy ssl ssl-policy1 Ssl-proxy#show ssl-proxy policy tcp tcp-policy1Ssl-proxy#show ssl-proxy policy health-probe tcp tcp-health Show ssl-proxy service Show ssl-proxy service namecontext nameSsl-proxy#show ssl-proxy service Ssl-proxy#show ssl-proxy service S6Service client Show ssl-proxy stats ContentShow ssl-proxy stats type Stats This example shows how to display the TCP statistics This example shows how to display the PKI statisticsSsl-proxy#show ssl-proxy stats context Context name Default This example shows how to display context statisticsSsl-proxy# show ssl-proxy stats hdr This example shows how to display content statistics Ssl-proxy#show ssl-proxy stats contentShow ssl-proxy status fdu ssl tcp Show ssl-proxy statusShow ssl-proxy status TCP cpu is alive Show ssl-proxy version Show ssl-proxy versionSsl-proxy#show ssl-proxy version Show ssl-proxy vlan Show ssl-proxy vlan vlan-iddebugmodule moduleDebug Optional Displays debug informationSnmp-server enable Defaults Command Modes Command History ExamplesCommand Purpose and Guidelines Defaults Ssl-proxy contextSsl-proxy context name No ssl-proxy context name Description descriptionPolicy ssl policy-name Policy tcp policy-namePolicy url-rewrite policy-name Pool ca nameSeconds Global configuration This example shows how to start a cryptographic self-testSsl-proxy crypto selftest Time-intervalThis example shows how to configure a MAC address Related Commands show ssl-proxy mac addressSsl-proxy config# ssl-proxy mac address 00e0.b0ff.f232 Ssl-proxy mac addressSsl-proxy pki This example shows how to enable PKI event-history This example shows how to specify the cache sizeRelated Commands show ssl-proxy stats Ssl-proxy crypto key unlock rsa Key-name Name of the key Passphrase Pass phraseTime is 6 seconds Global configuration Ssl-proxyconfig#ssl-proxy ip-frag-ttlSsl-proxy ip-frag-ttl Ssl-proxy ip-frag-ttl timeSsl-proxy config# ssl-proxy ssl ratelimit Ssl-proxy config# no ssl-proxy ssl ratelimitSsl-proxy ssl ratelimit Ssl-proxy ssl ratelimit No ssl-proxy ssl ratelimitStandby authentication Group-number is String is ciscoStandby delay minimum reload Min-delay is 1 second Reload-delay is 5 secondsSsl-proxyconfig#interface ssl-proxy Show standby delaySsl-proxyconfig-subif#standby delay minimum 30 reload Defaults Command Modes Command History Usage Guidelines Standby ipSecondary Group-number isUsed by the hot standby group is learned using Hsrp 100Standby mac-address Standby group-numbermac-addressmac-addressNo standby group-numbermac-address Mac-address MAC addressSsl-proxyconfig-subif#standby 1 mac-address That is used in the end nodesShow standby 102Standby mac-refresh seconds no standby mac-refresh Standby mac-refresh103 Hsrp is disabled Standby nameStandby name group-name No standby name group-name Group-name Name of the standby groupStandby preempt 105Operation returns to the default behavior Leaves any synchronization delay if it was configuredClients To become the active routerStandby priority Standby group-numberpriority priorityNo standby group-numberpriority priority Group-number is Priority isThis example shows how to change the router priority 108Standby redirects 109Related Commands show standby Ssl-proxyconfig-subif#standby redirects timers 90Show standby redirect 110Standby timers MsecOptional Specifies the interval in milliseconds 111112 Standby track Decrement priorityOr comes back up 113Router a Configuration Router B ConfigurationRelated Commands standby preempt 114Standby use-bia Standby use-bia scope interface no standby use-biaScope interface On which it was entered, instead of the major interfaceThis example shows how to configure Hsrp version Standby versionStandby version 1 Specifies Hsrp versionAcronym Expansion Cbac CCACDP CEFDram DsapDscp DspuICD IcmpIDB IDPMD5 MdixMdss MFDOSI OSMOspf PAERmon ROMRommon RPCSTP SVCSVI TACACS+Weighted round-robin WRRXNS Xerox Network SystemOL-9105-01 Acknowledgments for Open-Source Software OL-9105-01 # character privileged Exec mode prompt Asterisk + plus sign Period ? command Caret$ character IN-1IN-2 IN-3 IN-4 TCP IN-5Configuration submode User Exec mode, summary IN-6
Related manuals
Manual 20 pages 62.17 Kb Manual 112 pages 18.84 Kb Manual 262 pages 31.67 Kb
Top Page Image Contents