Chapter28 Public Key Infrastructure
Summary
28-42
Cisco Router and Security Device Manager Version 2.2 Users Guide
OL-4015-08
The modulus determines the size of the key. The larger the modulus, the more
secure the key, but keys with large modulus take longer to generate, and
encryption/decryption operations take longer with larger keys.
Generate separate key pairs for encryption and signature
By default, SDM creates a general purpose key pair that is used for both
encryption and signature. If you want SDM to generate separate key pa irs for
encrypting and signing documents, check this box. SDM will generate usage keys
for encryption and signature.
Use existing RSA key pair
Click this button if you want to use an existing key pair, and select the key from
the drop-down list.
Save to USB Token
Check the Save keys and certificates to secure USB token checkbox if you want
to save the RSA keys and certificates to a USB token connected to your router.
This checkbox appears only if a USB token is connected to your router.
Choose the USB token from the USB token drop-down menu. Enter the PIN
needed to log in to the chosen USB token in PIN.
After you choose a USB token and enter its PIN, click Login to log in to the USB
token.
Summary
This window summarizes the information that you provided. The information that
you provided is used to configure a trustpoint on the rou ter and begin the
enrollment process. If you enabled Preview commands before delivering to
router in the Preferences dialog, you will be able to preview the CLI that is
delivered to the router.
If you are performing an SCEP enrollment
After the commands are delivered to the router, SDM attempts to contact the CA
server. If the CA server is contacted, SDM displays a message window with the
servers digital certificate.