How to create self-signed certificates An article by Fabio Semperboni Tutorial A digital certificate or identity certificate is an electronic document which uses a digital signature to bind a public key with an identity, information such as the name of a person or an organization, their address, and so forth. Dec 15, 2004 nov10-key is the name of the key pair. Note: Be sure to specify exportable; otherwise, you are not able to export the key pair from the SSLM. Ssl-proxy(config)# crypto key generate rsa general-keys label nov10-key exportable The name for the keys will be: nov10-key Choose the size of the key modulus in the range of 360 to 2048 for your General. The private key has to be protectedmake sure it doesn’t leave your computer. In this lesson, we will generate a public and private key on a Windows and Linux computer. We will then add the public key to a Cisco IOS router and use it for SSH authentication. Nov 27, 2019 While reconfiguring a Cisco switch 3750G WS-C3750G-24TS-S1U with version 12.0(5.3). When attempting to run “crypto key genearte rsa“, it was failing with below error: MW-CORE-SW01#conf tEnter configuration commands, one per line. End with CNTL/Z.MW-CORE-SW01(config)#hostname MWiredMW-CORE-SW01(config)#ip domain-name magwinya.co.zaMW-CORE-SW01(config)#crypto key generate.
KB ID 0001246
I was working on a Cisco 3750-G last week, and I was in the process of setting up SSH access. When I went to generate the crypto key and enable SSH, It fired an error at me. In fact it wouldn’t execute any crypto commands;
Now I have seen this before, (but not for a while). You need to be running a K9 version of the code. A quick ‘show version‘ will tell you.
So you can either, just use TELNET to manage the switch, or upgrade it to a K9 version of the code, (in my case c3750-ipserviceslmk9-tar.122-55.SE11). I chose to upgrade.
First I tried to TFTP in the bin file, but I kept getting a lot of ‘O’ (‘out of sequence’ errors,) and the process failed. Generate cer powershell private key exportable. After discussions with a colleague, he recommended I simply use the archive-download command and use the TAR upgrade file instead.
WARNING: These old G series switches only have a 16MB flash in them, the TAR file is about 13.5MB you will need to delete the boot file and folder from flash to upgrade the IOS, but I suggest you copy the bin file out to TFTP in case theres a drama, and you need top copy it back in, before you continue. (In fact backup the switch config as well to be on the safe side!)
Setup your TFTP server, and download your image (c3750-ipserviceslmk9-tar.122-55.SE11.tar).
Delete the .bin file from the flash on the switch, and any associated folders (Note: to delete a folder, the syntax is different). Obviouly you may have different files and folders.
Perform the upgrade;
It can take 10 minutes or so, but when complete, check the boot variable is set to the new image, and then reload the switch (It may restart a couple of times that’s OK).
NA