2-16
Catalyst 6500 Series Switch SSL Services Module Command Reference
OL-9105-01
Chapter2 Commands for the Catalyst 6500 Series SSL Services Module
crypto key encrypt rsa
crypto key encrypt rsa
To encrypt the RSA keys, use the crypto key encrypt rsa command.
crypto key encrypt [write] rsa [name key-name] passphrase passphrase
Syntax Description
Defaults This command has no default settings.
Command Modes Global configuration
Command History
Usage Guidelines After you enter this command, the router can continue to use the key; the key remains unlocked.
If you do not enter the write keyword, you must manually write the configuration to NVRAM;
otherwise, the encrypted key will be lost the next time that the router is reloaded.
Examples This example shows how to encrypt the RSA key “pki1-72a.cisco.com.” Enter the show crypto key
mypubkey rsa command to verify that the RSA key is encrypted (protected) and unlocked.
ssl-proxy(config)# crypto key encrypt rsa name pki1-72a.cisco.com passphrase cisco1234
ssl-proxy(config)# exit
ssl-proxy# show crypto key mypubkey rsa
Key name:pki1-72a.cisco.com
Usage:General Purpose Key
*** The key is protected and UNLOCKED. ***
Key is not exportable.
Key Data:
305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00E0CC9A 1D23B52C
...
% Key pair was generated at:00:15:32 GMT Jun 25 2003
ssl-proxy#
Related Commands crypto key decrypt rsa
crypto key lock rsa
crypto key unlock rsa
write (Optional) Writes the configuration to the startup configuration.
name key-name (Optional) Name of the key.
passphrase passphrase Pass phrase.
Release Modification
SSL Services Module
Release 3.1(1)
Support for this command was introduced on the Catalyst 6500 series
SSL Services Module.
