04-22-2015 07:55 AM - edited 04-22-2015 07:56 AM
Is it possible to generate your own self-signed cert for web management? If yes, can you please show me how?
I don't want to use the default cert which is generated from the following command:
crypto-ssl certificate generate default_cert
ADX 1000F (ASR12502b)
04-24-2015 07:59 AM
Yes you can download your own certificate and key.
1.Importing digital certificates and private key files
To import a digital certificate using TFTP, enter the following command.
ServerIronADX(config)# ip ssl certificate-data-file tftp <ip address><certificate file-name>
To import a private key using TFTP, enter the following command.
ServerIronADX(config)# ip ssl private-key-file tftp <ip address> <key file-name>
After you have imported the digital certificate, reformat and prepare the SSL certificate for use by HTTPS access by entering the following command.
ServerIronADX(config)# crypto-ssl certificate generate
04-24-2015 08:27 AM
There is a known defect if your ssl key is morethan 2k size.
Defect ID: DEFECT000487047
Reported In Release:
Closed In Release(s): SI 12.5.01c(Fixed)
Unable to generate a certificate-key pair for web-management when the imported SSL key size is 2048 bits.
When size of the imported SSL Key for Web Management is more than 2k.