Filter
Top Products
2-16
Catalyst 6500 Series Switch WebVPN Module Command Reference—Release 1.1
OL-7310-01
Chapter 2 Commands for the Catalyst 6500 Series Switch WebVPN Module
crypto pki enroll
crypto pki enroll
To request a certificate for the trustpoint, use the crypto pki enroll command.
crypto pki enroll trustpoint-label
Syntax Description
Defaults This command has no default settings.
Command Modes Global configuration
Command History
Usage Guidelines The trustpoint-label argument is case-sensitive.
You must obtain a signed certificate from the certificate authority for each trustpoint.
You have the option to create a challenge password that is not saved with the configuration. This
password is required if your certificate needs to be revoked, so you must remember this password.
Note If your module or switch reboots after you have entered the crypto pki enroll command, but before you
have received the certificates, you must reenter the command and notify the certificate authority
administrator.
Examples This example shows how to request a certificate:
webvpn(config)# crypto pki enroll PROXY1
%
% Start certificate enrollment..
% The subject name in the certificate will be: C=US; ST=California; L=San Jose; O=Cisco;
OU=Lab; CN=host1.cisco.com
% The subject name in the certificate will be: host.cisco.com
% The serial number in the certificate will be: 00000000
% The IP address in the certificate is 10.0.0.1
% Certificate request sent to Certificate Authority
% The certificate request fingerprint will be displayed.
% The 'show crypto pki certificate' command will also show the fingerprint.
Fingerprint: 470DE382 65D8156B 0F84C2AF 4538B913
webvpn(config)# end
trustpoint-label Name of the trustpoint label.
Release Modification
WebVPN Module
Release 1.1
Support for this command was introduced on the Catalyst 6500 series
switches.