Crypto key decrypt rsa, Name key-name | Cisco Systems 6500 instruction

Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module

crypto key decrypt rsa

crypto key decrypt rsa

To delete the encrypted key and leave only the unencrypted key, use the crypto key decrypt rsa command.

crypto key decrypt [write] rsa [name key-name]passphrase passphrase

Syntax Description		write			(Optional) Writes the configuration to the startup configuration.
		name key-name			(Optional) Name of the key.

		passphrase passphrase			Pass phrase.


Defaults		This command has no default settings.

Command Modes		Global configuration mode

Command History		Release			Modification

		SSL Services Module			Support for this command was introduced on the Catalyst 6500 series
		Release 3.1(1)			SSL Services Module.

		Entering the write keyword immediately saves the unencrypted key to NVRAM. If you do not enter the
Usage Guidelines
		write keyword, you must manually write the configuration to NVRAM; otherwise, the key remains
		encrypted the next time that the router is reloaded.

Examples		This example shows how to display the administration VLAN and related IP and gateway addresses:
		ssl-proxy(config)#crypto key decrypt rsa name pki1-72a.cisco.com passphrase cisco1234
		WARNING: Configuration with decrypted key not saved.
		Please save it manually as soon as possible to
		save decrypted key
		ssl-proxy(config)# end
		ssl-proxy#show crypto key mypubkey rsa
		Key name: pki1-72a.cisco.com
		Usage: General Purpose Key
		Key is not exportable.
		Key Data:
		30819F30	0D06092A	864886F7		0D010101	05000381
	...
		% Key pair was generated at: 15:42:15 PST Jun
		ssl-proxy#
		crypto key encrypt rsa
Related Commands		crypto key encrypt rsa
		crypto key lock rsa
		crypto key unlock rsa

Catalyst 6500 Series Switch SSL Services Module Command Reference

	OL-9105-01	2-15

Image 41

Cisco Systems 6500 manual Crypto key decrypt rsa, Name key-name, Passphrase passphrase, Crypto key encrypt rsa

Contents

Text Part Number OL-9105-01 Corporate HeadquartersPage Iii N T E N T S Natpool Acronyms A-1 OL-9105-01 Organization AudienceRelated Documentation Chapter Title Description Convention Description ConventionsBoldface font Example, interface interface type Cisco.com Obtaining Documentation Cisco Product Security Overview Documentation Feedback Obtaining Technical Assistance Reporting Security Problems in Cisco Products Xii Submitting a Service Request Xiii Obtaining Additional Publications and Information Xiv This chapter includes the following sections Getting Help How to Find Command Options Command Comment Mode keyword Must enter next on the command lineAfter you enter the mode keyword Complete the command. If additional Command Mode Access Method Prompt Exit Method Understanding Command ModesConfigure terminal privileged Exec Configure terminal Interface command Using the No and Default Forms of CommandsImage using the boot system flash filename With an interface Character Special Meaning Using the CLI String Search Aeiou \$ \ \+AbcdABCD DA-D Character Telebit 3107 v32bisBa?b This string matches any number of asterisks Codex telebit Za-z0-9+Abcd $\.12 1300 For example1300$ 1300space space1300 1300, ,1300, 1300 ,1300 With OL-9105-01 A P T E R Command Modes Command History DefaultsClear ssl-proxy conn Release Modification Defaults Command Modes Command History Clear ssl-proxy content Usage Guidelines Clear ssl-proxy session Clear ssl-proxy stats Ssl-proxy#clear ssl-proxy stats Terminal Crypto pki export pemDes 3des Crypto pki import pem Related Commands Crypto pki import pem Defaults Command HistoryExportable Usage-keys Crypto pki export pem Crypto pki export pkcs12 This example shows how to export a PKCS12 file using SCP Crypto pki import pkcs12 Crypto This example shows how to import a PKCS12 file using SCPFilename TP2? /users/admin-1/pkcs12/TP2.p12 Name key-name Crypto key decrypt rsaPassphrase passphrase Crypto key encrypt rsa Crypto key lock rsa Crypto key encrypt rsaCrypto key decrypt rsa Optional Specifies that the key can be exported Crypto key export rsa pemKeylabel Name of the key Key nametest-keys UsageGeneral Purpose Key Instead of one general-purpose key pair Crypto key import rsa pemNull-Imports from the null file system System-Imports from the system file system PEM-formatted RSA key to the SSL Services Module Crypto key lock rsa name key-namepassphrase passphrase Crypto key lock rsaName key-name Optional Name of the key Passphrase passphrase Crypto key unlock rsa name key-namepassphrase passphrase Crypto key unlock rsa Debug ssl-proxy Command History Release Modification This example shows how to turn on App debugging Configuration mode Do commandCommand EXEC-level command to be executed Syntax Description Syntax Description Defaults Command Modes Command HistoryInterface ssl-proxy Standby delay minimum reload Standby authenticationStandby timers Standby ip Ssl-proxyconfig-subif#ip address 208.59.100.18 Ssl-proxy config# interface ssl-proxy This example shows how to define a pool of IP addresses Context subcommand modeNatpool Natpool nat-pool-name startipaddr endipaddr netmask netmask Policy health-probe tcp Syntax Description Defaults Command ModesInterval seconds Failed-interval seconds Ssl-proxyconfig#ssl-proxy context ssl Open-timeout secondsSsl-proxyconfig-context#policy health-probe tcp probe1 Running on server IP addressPage Client-cert pem Policy http-headerAlias Policy that is applied to the payload Field To Insert Description Client-cert pem Custom custom-string Client-ip-portInserts the custom-stringheader into the Http header Prefix SSL-OFFLOAD-SOFTWARE VERSION3.11 Related Commands show ssl-proxy policy Session-caching is enabled Close-protocol is disabledTimeout session timeout absolute Policy ssl SSL-Policy Configuration Submode Command Descriptions Timeout handshake timeout Renegotiation volume sizeHelp Renegotiation interval time OL-9105-01 This example shows how to disable a session cache This example shows how to enable a session cache OL-9105-01 Policy tcp Delayed-ack-timeout timer Delayed-ack-threshold delayNo timeout fin-wait timeout-in-seconds No timeout inactivity timeout-in-seconds Form of this command to return to the default setting No timeout reassembly timeNo tos carryover Server to client connection, the server connection must be Ssl-proxy config-ctx-tcp-policy# mss Policy url-rewrite Redirectonly Ssl-proxyconfig-context#ssl-proxy policy url-rewrite test1 Ca-pool-name Certificate authority pool name Pool caPool ca ca-pool-name Service Default certificate inservice nat server Authenticate verify all signature-onlyInservice Certificate rsa general-purpose trustpoint Vlan vlan Virtual policy ssl ssl-policy-nameVirtual policy tcp Related Commands show ssl-proxy service Policy health-probe tcp Policy http-header Service client Virtual policy ssl ssl-policy-name Nat server client natpool-nameVirtual policy tcp Vlan vlan Ssl-proxy config-ctx-ssl-proxy# server policy tcp tcppl1 Show interfaces ssl-proxy 0.subinterface Show interfaces ssl-proxyPolicy tcp Show ionterfaces Show ssl-proxy buffers This command has no default settingsShow ssl-proxy buffers Ssl-proxy#show ssl-proxy buffers Service name Show ssl-proxy certificate-history service nameSpecific proxy service Show ssl-proxy certificate-history Record 1, Timestamp000051, 163634 UTC Oct 31 Ssl-proxy# show ssl-proxy certificate-history Related Commands service 4tuple Show ssl-proxy connLocal Remote Ssl-proxy#show ssl-proxy conn Context name Module module 200.200.1438814 58796 Show ssl-proxy context Context DefaultShow ssl-proxy context name Name Optional Name of the context Show ssl-proxy crash-info brief details Show ssl-proxy crash-infoBrief Details Ssl-proxy#show ssl-proxy crash-info brief Stack top Printing 1024 bytes from stack top Ssl-proxy#show ssl-proxy mac address Show ssl-proxy mac addressShow ssl-proxy mac address Show ssl-proxy natpool namecontext name Show ssl-proxy natpoolContext name Natpool Health-probe tcp Show ssl-proxy policyHttp-header Url-rewrite Ssl-proxy#show ssl-proxy policy tcp tcp-policy1 Ssl-proxy#show ssl-proxy policy ssl ssl-policy1 Ssl-proxy#show ssl-proxy policy health-probe tcp tcp-health Show ssl-proxy service namecontext name Show ssl-proxy serviceSsl-proxy#show ssl-proxy service Ssl-proxy#show ssl-proxy service S6 Service client Show ssl-proxy stats type ContentShow ssl-proxy stats Stats This example shows how to display the PKI statistics This example shows how to display the TCP statistics Ssl-proxy# show ssl-proxy stats hdr This example shows how to display context statisticsSsl-proxy#show ssl-proxy stats context Context name Default Ssl-proxy#show ssl-proxy stats content This example shows how to display content statistics Show ssl-proxy status Show ssl-proxy statusShow ssl-proxy status fdu ssl tcp TCP cpu is alive Ssl-proxy#show ssl-proxy version Show ssl-proxy versionShow ssl-proxy version Show ssl-proxy vlan vlan-iddebugmodule module Show ssl-proxy vlanDebug Optional Displays debug information Defaults Command Modes Command History Examples Snmp-server enable Ssl-proxy context Command Purpose and Guidelines DefaultsSsl-proxy context name No ssl-proxy context name Description description Policy tcp policy-name Policy ssl policy-namePolicy url-rewrite policy-name Pool ca name This example shows how to start a cryptographic self-test Seconds Global configurationSsl-proxy crypto selftest Time-interval Related Commands show ssl-proxy mac address This example shows how to configure a MAC addressSsl-proxy config# ssl-proxy mac address 00e0.b0ff.f232 Ssl-proxy mac address Ssl-proxy pki Related Commands show ssl-proxy stats This example shows how to specify the cache sizeThis example shows how to enable PKI event-history Key-name Name of the key Passphrase Pass phrase Ssl-proxy crypto key unlock rsa Ssl-proxyconfig#ssl-proxy ip-frag-ttl Time is 6 seconds Global configurationSsl-proxy ip-frag-ttl Ssl-proxy ip-frag-ttl time Ssl-proxy config# no ssl-proxy ssl ratelimit Ssl-proxy config# ssl-proxy ssl ratelimitSsl-proxy ssl ratelimit Ssl-proxy ssl ratelimit No ssl-proxy ssl ratelimit Group-number is String is cisco Standby authentication Min-delay is 1 second Reload-delay is 5 seconds Standby delay minimum reload Ssl-proxyconfig-subif#standby delay minimum 30 reload Show standby delaySsl-proxyconfig#interface ssl-proxy Standby ip Defaults Command Modes Command History Usage GuidelinesSecondary Group-number is 100 Used by the hot standby group is learned using Hsrp Standby group-numbermac-addressmac-address Standby mac-addressNo standby group-numbermac-address Mac-address MAC address That is used in the end nodes Ssl-proxyconfig-subif#standby 1 mac-addressShow standby 102 103 Standby mac-refreshStandby mac-refresh seconds no standby mac-refresh Standby name Hsrp is disabledStandby name group-name No standby name group-name Group-name Name of the standby group 105 Standby preempt Leaves any synchronization delay if it was configured Operation returns to the default behaviorClients To become the active router Standby group-numberpriority priority Standby priorityNo standby group-numberpriority priority Group-number is Priority is 108 This example shows how to change the router priority 109 Standby redirects Ssl-proxyconfig-subif#standby redirects timers 90 Related Commands show standbyShow standby redirect 110 Msec Standby timersOptional Specifies the interval in milliseconds 111 112 Decrement priority Standby trackOr comes back up 113 Router B Configuration Router a ConfigurationRelated Commands standby preempt 114 Standby use-bia scope interface no standby use-bia Standby use-biaScope interface On which it was entered, instead of the major interface Standby version This example shows how to configure Hsrp versionStandby version 1 Specifies Hsrp version Acronym Expansion CCA CbacCDP CEF Dsap DramDscp Dspu Icmp ICDIDB IDP Mdix MD5Mdss MFD OSM OSIOspf PAE ROM RmonRommon RPC SVC STPSVI TACACS+ WRR Weighted round-robinXNS Xerox Network System OL-9105-01 Acknowledgments for Open-Source Software OL-9105-01 Asterisk + plus sign Period ? command Caret # character privileged Exec mode prompt$ character IN-1 IN-2 IN-3 IN-4 IN-5 TCP IN-6 Configuration submode User Exec mode, summary