Chapter 2 Commands for the Catalyst 6500 Series Switch WebVPN Module

crypto pki certificate

crypto pki certificate

To configure and define the PKI implementation on the WebVPN Services Module, use the crypto pki certificate command.

 

 

crypto pki certificate {chain name map map_name query validate trustpoint-label}

 

 

 

 

Syntax Description

 

chain

Identifies certificates.

 

 

 

 

 

 

name

CA server name.

 

 

 

 

 

 

map

Defines certificate attributes map.

 

 

 

 

 

 

map_name

CA map tag name.

 

 

 

 

 

 

query

Obtains certificates from the CA after reboot.

 

 

 

 

 

 

validate

Validates a certificate chain.

 

 

 

 

 

 

trustpoint-label

Trustpoint label name.

 

 

 

 

Defaults

Command Modes

Command History

Usage Guidelines

This command has no default settings.

Global configuration

Release

Modification

WebVPN Module

Support for this command was introduced on the Catalyst 6500 series

Release 1.1

switches.

 

 

The crypto pki certificate chain command puts you into certificate chain configuration mode. When you are in certificate chain configuration mode, you can delete certificates using the certificate command. You need to be in certificate chain configuration mode to delete certificates.

The crypto pki certificate validate command validates the router's own certificate for a given trustpoint. Use this command as a sanity check after enrollment to verify that the trustpoint is properly authenticated, a certificate has been requested and granted for the trustpoint, and that the certificate is currently valid. A certificate is valid if it is signed by the trustpoint certification authority (CA), not expired, and so on.

Catalyst 6500 Series Switch WebVPN Module Command Reference—Release 1.1

2-14

OL-7310-01

 

 

Page 14
Image 14
Cisco Systems 6500 manual Crypto pki certificate, Defaults Command Modes Command History Usage Guidelines