Pages

Thursday, January 28, 2016

Certificate Install


Setting up Digital Certificates

! R5
conf t

ntp master 5
int loop 0
ip add 5.5.5.5 255.255.255.255

exit
ip http server

crypto pki server CA
issuer-name CN=CA,O=cbtnuggets.com
hash sha512
grant auto
no shutdown

end

show crypto pki server

! R1 as CA client

ping 5.5.5.5

conf t

ntp server 5.5.5.5

do show ntp associations

do show ntp status

crypto key generate rsa modulus 2048 label r1.cbtnuggets.com

do show crypto key mypubkey rsa r1.cbtnuggets.com

crypto pki trustpoint Trusted-CA
enrollment url http://5.5.5.5
rsakeypair r1.cbtnuggets.com
fqdn r1.cbtnuggets.com
subject-name CN=r1,O=cbtnuggets.com
revocation-check none
exit

crypto pki authenticate Trusted-CA

do show crypto pki trustpoints

do show crypto pki certificates

crypto pki enroll Trusted-CA

do show crypto pki certificates verbose Trusted-CA

end

! R2 as CA client

conf t
ntp server 5.5.5.5

crypto key generate rsa modulus 2048 label r2.cbtnuggets.com

crypto pki trustpoint Trusted-CA
enrollment url http://5.5.5.5
rsakeypair r2.cbtnuggets.com
fqdn r2.cbtnuggets.com
subject-name CN=r2,O=cbtnuggets.com
revocation-check none
exit

crypto pki authenticate Trusted-CA

crypto pki enroll Trusted-CA

end

show crypto pki certificates


! R3 as CA client

conf t
ntp server 5.5.5.5

crypto key generate rsa modulus 2048 label r3.cbtnuggets.com

crypto pki trustpoint Trusted-CA
enrollment url http://5.5.5.5
rsakeypair r3.cbtnuggets.com
fqdn r3.cbtnuggets.com
subject-name CN=r3,O=cbtnuggets.com
revocation-check none
exit

crypto pki authenticate Trusted-CA

crypto pki enroll Trusted-CA

end

show crypto pki certificates

! R4 as CA client

conf t
ntp server 5.5.5.5

crypto key generate rsa modulus 2048 label r4.cbtnuggets.com

crypto pki trustpoint Trusted-CA
enrollment url http://5.5.5.5
rsakeypair r4.cbtnuggets.com
fqdn r4.cbtnuggets.com
subject-name CN=r4,O=cbtnuggets.com
revocation-check none
exit

crypto pki authenticate Trusted-CA

crypto pki enroll Trusted-CA

end

show crypto pki certificates




No comments:

Post a Comment