CLI Guide
Switch Management Commands 2385
where N is the certificate number.
To use a signed certificate on the switch, perform the following steps:
• Generate the RSA and DSA keys using the crypto key generate
command for RSA followed by DSA. or the
key-generate
command in
crypto certificate generate mode.
• Generate a self signed certificate using the crypto key generate
command, or optionally…
• Generate a certificate request using the crypto certificate request
command. This command uses the DSA keys and the self signed
certificate.
• Copy the certificate request displayed on the screen and send it to a CA.
• When the signed certificate is received, copy the signed certificate onto
the switch using the crypto certificate import command
Example
The following example generates a self-signed HTTPS certificate. The
exit
command attempts to generate the self-signed certificate. Use the
end
command to exit Crypto Certificate Generate mode without generating a
certificate.
console(config)#crypto certificate 1 generate
console(config-crypto-cert)#key-generate
console(config-crypto-cert)#common-name DELL-Switch101
console(config-crypto-cert)#country US
console(config-crypto-cert)#duration 3650
console(config-crypto-cert)#email no-reply@dell.com
console(config-crypto-cert)#location “Round Rock”
console(config-crypto-cert)#organization-unit “Dell Networking”
console(config-crypto-cert)#organization-name “Dell EMC, Inc.”
console(config-crypto-cert)#state TX
console(config-crypto-cert)#exit
Certificate Generation Successful…
The generated certificate can be displayed using the show crypto certificate
command. Copy the certificate text into a text file with a .scr extension for
importing into a web browser.