Setting up Digital Certificates
! R5
conf t
ntp master 5
int loop 0
ip add 5.5.5.5 255.255.255.255
exit
ip http server
crypto pki server CA
issuer-name CN=CA,O=cbtnuggets.com
hash sha512
grant auto
no shutdown
end
show crypto pki server
! R1 as CA client
ping 5.5.5.5
conf t
ntp server 5.5.5.5
do show ntp associations
do show ntp status
crypto key generate rsa modulus 2048 label r1.cbtnuggets.com
do show crypto key mypubkey rsa r1.cbtnuggets.com
crypto pki trustpoint Trusted-CA
enrollment url http://5.5.5.5
rsakeypair r1.cbtnuggets.com
fqdn r1.cbtnuggets.com
subject-name CN=r1,O=cbtnuggets.com
revocation-check none
exit
crypto pki authenticate Trusted-CA
do show crypto pki trustpoints
do show crypto pki certificates
crypto pki enroll Trusted-CA
do show crypto pki certificates verbose Trusted-CA
end
! R2 as CA client
conf t
ntp server 5.5.5.5
crypto key generate rsa modulus 2048 label r2.cbtnuggets.com
crypto pki trustpoint Trusted-CA
enrollment url http://5.5.5.5
rsakeypair r2.cbtnuggets.com
fqdn r2.cbtnuggets.com
subject-name CN=r2,O=cbtnuggets.com
revocation-check none
exit
crypto pki authenticate Trusted-CA
crypto pki enroll Trusted-CA
end
show crypto pki certificates
! R3 as CA client
conf t
ntp server 5.5.5.5
crypto key generate rsa modulus 2048 label r3.cbtnuggets.com
crypto pki trustpoint Trusted-CA
enrollment url http://5.5.5.5
rsakeypair r3.cbtnuggets.com
fqdn r3.cbtnuggets.com
subject-name CN=r3,O=cbtnuggets.com
revocation-check none
exit
crypto pki authenticate Trusted-CA
crypto pki enroll Trusted-CA
end
show crypto pki certificates
! R4 as CA client
conf t
ntp server 5.5.5.5
crypto key generate rsa modulus 2048 label r4.cbtnuggets.com
crypto pki trustpoint Trusted-CA
enrollment url http://5.5.5.5
rsakeypair r4.cbtnuggets.com
fqdn r4.cbtnuggets.com
subject-name CN=r4,O=cbtnuggets.com
revocation-check none
exit
crypto pki authenticate Trusted-CA
crypto pki enroll Trusted-CA
end
show crypto pki certificates
No comments:
Post a Comment