- Using Cisco Unified SIP Proxy Software
- Documentation Roadmap for Cisco Unified SIP Proxy Release 9.0
- Cisco Unified SIP Proxy Module EXEC Commands
- Cisco Unified SIP Proxy EXEC Commands
- Cisco Unified SIP Proxy Configuration Commands
- Cisco Unified SIP Proxy SIP Commands
- Cisco Unified SIP Proxy SIP Server Commands
- Cisco Unified SIP Proxy Radius Server Commands
- Cisco Unified SIP Proxy Trigger Commands
- Cisco Unified SIP Proxy Route Commands
- Cisco Unified SIP Proxy Policy Commands
- Cisco Unified SIP Proxy Accounting Commands
- Cisco Unified SIP Proxy Security Commands
- Module Commands for Cisco Unified SIP Proxy
Cisco Unified SIP Proxy Security Commands
crypto key certreq
To generate a certificate sign request (CSR) to enable the certificate authority to sign a requested certificate, use the crypto key certreq command in module configuration mode. This command does not have a no or default form.
crypto key certreq label label-name url { ftp: | http: }
Syntax Description
Requests a CSR for the specified certificate-private key pair. |
|
Specifies a remote server as the source of the certificate and key. The system prompts you for more information. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
The certificate sign request is only valid after the key is generated. Note that the crypto key commands are not available in Cisco Unified SIP Proxy and must be entered in module configuration mode.
Examples
The following example generates a certificate sign request XXXX.
Related Commands
|
|
|
|---|---|
Designates a certificate-private key pair as the system default. |
|
crypto key label default
To set a certificate and private key pair as the system default, use the crypto key default command in module configuration mode. To remove the system default designation from the certificate-key pair, use the no form of this command.
crypto key label label-name default
no crypto key label label-name default
Syntax Description
The name of the certificate-private key pair to be set as the system default. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Note that the crypto key commands are not available in Cisco Unified SIP Proxy and must be entered in module configuration mode.
Setting the certificate-key pair allows applications such as integrated messaging to use the default certificate for SSL security without knowing the specific label name of the pair.
If several certificate-key pairs exist on the system and none of them are the system default, use this command to designate one of them as the system default.
To change the designation from one pair to another, remove the designation from the original pair using the no form of this command. Then assign the designation to the new pair.
The no form of this command does not delete the certificate or private key. The pair remains on the system and is no longer designated as the system default pair.
The system displays an error message if either of the certificate-key pairs does not exist.
Examples
The following example designates the certificate-private key pair with the label mainkey.ourcompany as the system default.
The following example changes the system default designation from certificate-key pair alphakey.myoffice to betakey.myoffice:
Related Commands
|
|
|
|---|---|
Generates a certificate sign request (CSR) to enable the certificate authority to sign a requested certificate. |
|
crypto key delete
To delete a certificate and private key pair from the system, use the crypto key delete command in module configuration mode. This command does not have a no or default form.
crypto key delete { all | label label-name }
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
The crypto key commands are not available in Cisco Unified SIP Proxy and must be entered in module configuration mode.
An error message appears if the specified certificate-private key pair does not exist.
Examples
The following example deletes the certificate and private key with the name mainkey.ourcompany.
Related Commands
|
|
|
|---|---|
Generates a certificate sign request (CSR) to enable the certificate authority to sign a requested certificate. |
|
Designates a certificate-private key pair as the system default. |
|
crypto key generate
To generate a self-signed certificate and private key, use the crypto key generate command in module configuration mode. This command does not have a no or default form.
crypto key generate [ rsa { label label-name | modulus modulus-size } | default ]
Syntax Description
Command Default
The default encryption algorithm is ras.
The default label has the form hostname . domainname.
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
The crypto key commands are not available in Cisco Unified SIP Proxy and must be entered in module configuration mode.
If you do not select any keywords or do not specify a label, the system automatically generates a certificate-key pair with a name in the format hostname.domainname.
Use the crypto key generate command or the crypto key label default command to set a certificate-key pair as the system default.
Examples
The following example generates a certificate and private key with the name mainkey.ourcompany, size 750, and assigns the generated pair as the system default.
Related Commands
|
|
|
|---|---|
Generates a certificate sign request (CSR) to enable the certificate authority to sign a requested certificate. |
|
Designates a certificate-private key pair as the system default. |
|
show crypto key
To display configured certificate-private key pairs, use the show crypto key command in module EXEC mode.
show crypto key { all | label label-name }
Syntax Description
Displays characteristics of the specified certificate-private key pair. An error message appears if label-name does not exist. |
Command Modes
Command History
|
|
|
|---|---|
Examples
The following is sample output for the show crypto key command:
Table 13-1 describes the significant fields shown in the display.
|
|
|
|---|---|
Related Commands
|
|
|
|---|---|
Generates a certificate sign request (CSR) to enable the certificate authority to sign a requested certificate. |
|
Designates a certificate-private key pair as the system default. |
|
Feedback