Cisco CCNA (640-553) Security Training – Using the "Certificate" Command

[ad_1]

In today's article, I'm going to quickly inform you about the Cisco IOS certificate chain configuration mode command named "certificate" .

Network administrators (like you) use the "certificate" command to manually add or delete certificates.

Below is the command syntax:

certificate certificate-serial-number

As you can see, the command is very easy to implement; the certificate-serial-number argument, is the serial number of the certificate that is to be either added or deleted.

In the examples below, the certificate with the serial number of "0123456789ABCDEF0123456789ABCDEF" is being added; then deleted. (Example # 1 is adding and Example # 2 is deleting)

Example # 1

Router> enable

Router # configure terminal

Router (config) #crypto ca certificate chain ittechtipsca

Router (config-cert-chain) # certificate 0123456789ABCDEF0123456789ABCDEF

Router (config-cert-chain) #end

Router # copy run start

Example # 2

Router> enable

Router # configure terminal

Router (config) #crypto ca certificate chain ittechtipsca

Router (config-cert-chain) # no certificate 0123456789ABCDEF0123456789ABCDEF

% Are you sure you want to remove the certificate [yes / no]? yes

% Be sure to ask the CA administrator to revoke this certificate.

Router (config-cert-chain) #end

Router # copy run start

As you can see, the way to delete a certificate is to type the word " no " in front of the command.

And, if you decide to use the command, make sure your router (s) is running Cisco IOS 11.3 T or higher.

I hope this article was very informative and helped you quickly understand the usage of the certificate command. If you need to learn more; I suggest you visit my website, were you'll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques.

To your success,

[ad_2]

Source by Charles E Ross