Staff member
Aug 15, 2019
In this post router R-CA will be our CA Server and R-Client will request a certificate from R-CA.

R-CA – Certificate Authority Configuration

crypto key generate rsa label CA modulus 1024
crypto pki server CA-Server
database level complete
no database archive
issuer-name CN=r-ca O=lab.local
grant auto

R-Client(config)#crypto pki authenticate R-Client

!!!Session output!!!

R-CA(config)#crypto key generate rsa label CA modulus 1024
The name for the keys will be: CA

% The key modulus size is 1024 bits
% Generating 1024 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 0 seconds)

*Jul 15 06:27:12.382: %SSH-5-ENABLED: SSH 1.99 has been enabled

R-CA(config)#ip http server

R-CA(config)#crypto pki ?
server Enable IOS Certificate server

R-CA(config)#crypto pki server CA-Server
R-CA(cs-server)#database level complete
database Certificate Server...
Continue reading...