Key Management System
Configuring Key Chain Management
Configuring Key Chain Management
KMS-Related CLI Commands in This Section Page
show key-chain < chain_name > page 15-3
[ no ] key-chain chain_name page 15-3
[ no ] key-chain chain_name key Key_ID page 15-4
The Key Management System (KMS) has three configuration steps:
1. Create a key chain entry.
2. Assign a time-independent key or set of time-dependent keys to the Key
Chain entry. The choice of key type is based on the level of security
required for the protocol to which the key entry will be assigned.
3. Assign the key chain to a KMS-enabled protocol.
This procedure is protocol-dependent. For information on a specific protocol,
refer to the chapter covering that protocol in the Management and Configu-
ration Guide for your switch.
Creating and Deleting Key Chain Entries
To use the Key Management System (KMS), you must create one or more key
chain entries. An entry can be the pointer to a single time-independent key or
a chain of time-dependent keys.
Note The key chain information is copied to the standby management module (if
redundancy is enabled and the standby module has passed self-test).
.
Syntax: [ no ] key-chain < chain_name >
Generate or delete a key chain entry. Using the
optional no form of the command deletes the key
chain. The < chain_name > parameter can include up
to 32 characters.
15-3
