You configure RADIUS secure profiles with certificate information, certificate key
information, and password information, which enables RADSec peers to establish
connections.
About this task
Note
-
All the files (certificates and keys) must be in .pem format and copy it
to flash /intflash directory.
-
A new profile directory is created for each new profile in the
flash/intflash/.radsec/profile/radsec directory.
-
Profile configuration file “profile_info.cfg” is available in
/intflash/.radsec/profile directory.
-
You can configure a maximum of 10 RADSec profiles.
Procedure
-
Enter Global Configuration mode:
enable
configure
terminal
-
Configure a name for the RADIUS
profile:
radius secure-profile WORD<1-16>
-
Configure the full file path of
the certificate authority (CA) certificate for the RADIUS secure profile:
radius
secure-profile WORD<1-16> CA-cert-file WORD<0-128>
[WORD<1-128>]
-
Configure the full path of the server certificate for the RADIUS secure
profile:
radius
secure-profile WORD<1-16> cert-file WORD<0-128>
[WORD<1-128>]
-
Configure the full path of the private key file for the RADIUS secure
profile:
radius
secure-profile WORD<1-16> key-file WORD<0-128>
[WORD<1-128>]
-
Configure the private key
password for the RADIUS secure profile:
radius
secure-profile WORD<1-16> key-pwd
WORD<0-255>
