41-10
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter41 Configuring Digital Certificates
Configuring Digital Certificates
Removing Key Pairs
To remove key pairs, perform the following steps:
Examples
The following example shows how to remove key pairs:
hostname(config)# crypto key zeroize rsa
WARNING: All RSA keys will be removed.
WARNING: All device certs issued using these keys will also be removed.
Do you really want to remove these keys? [yes/no] y
Configuring Trustpoints
To configure a trustpoint, perform the following steps:
Step3 show crypto key name of key
Example:
hostname/contexta(config)# show crypto key
examplekey
Verifies key pairs that you have generated.
Step4 write memory
Example:
hostname(config)# write memory
Saves the key pair that you have generated.
Command Purpose
Command Purpose
crypto key zeroize rsa
Example:
hostname(config)# crypto key zeroize rsa
Removes key pairs.
Command Purpose
Step1 crypto ca trustpoint trustpoint-name
Example:
hostname/contexta(config)# crypto ca trustpoint Main
Creates a trustpoint that corresponds to the CA from
which the ASA needs to receive a certificate. Enters
the crypto ca trustpoint configuration mode, which
controls CA-specific trustpoint parameters that you
may configure starting in Step 3.
Step2 Choose one of the following options: