Cisco Systems OL-16647-01 Switch User Manual

Open as PDF

of 20

33-9

Cisco Security Appliance Command Line Configuration Guide

OL-16647-01

Chapter 33 Configuring Certificates

Identity Certificates Authentication

• Issued to— Displays the X.500 fields of the subject DN or certificate owner and their values. This

applies only to available status.

• Issued by—Displays the X.500 fields of the entity granting the certificate. This applies only to

available status.

Delete an Identity Certificate

The Delete button immediately removes the selected Identity Certificate configuration from the security

appliance. Once you delete a certificate configuration, it cannot be restored; to recreate the deleted

certificate, use the Add button to reenter the certificate configuration information from the beginning

Note Once you delete a certificate configuration, it cannot be restored.

Export an Identity Certificate

The Export panel lets you export a certificate configuration with all associated keys and certificates in

PKCS12 format, which must be in base64 format. An entire configuration includes the entire chain (root

CA certificate, identity certificate, key pair) but not enrollment settings (subject name, FQDN and so

on). This feature is commonly used in a failover or load-balancing configuration to replicate certificates

across a group of security appliances; for example, remote access clients calling in to a central

organization that has several units to service the calls. These units must have equivalent certificate

configurations. In this case, an administrator can export a certificate configuration and then import it

across the group of security appliances.

Export Identity Certificate Fields

• Export to a file—Specify the name of the PKCS12-format file to use in exporting the certificate

configuration;

• Certificate Format—Click PKCS12 format, the public key cryptography standard, which can be

base64 encoded or hexadecimal, or click PEM format.

–

Browse—Display the Select a File dialog box that lets you navigate to the file to which you

want to export the certificate configuration.

• Encryption Passphrase—Specify the passphrase used to encrypt the PKCS12 file for export.

–

Confirm Passphrase—Verify the encryption passphrase.

• Export Certificate—Export the certificate configuration.

Modes

The following table shows the modes in which this feature is available:

Firewall Mode Security Context

Routed Transparent Single

Multiple

Context System

•••••

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems OL-16647-01 Switch User Manual