Generate the Key Pair
About this task
Use the following procedure to generate the private and public key pair for the specific cryptography type. By default, the switch generates a 2,048 RSA key when the system starts. You can use this procedure to generate a new RSA key or to generate multiple RSA keys identified by a key-name. You can generate up to 10 RSA keys.
Procedure
Example
Generating the key pair identified by a key-name:
Switch:1>enable Switch:1#configure terminal Switch:1(config)#certificate generate-keypair key-name pki_key Switch:1(config)#1 2021-06-22T11:33:53.036Z VSP-4900-24XE CP1 - 0x003a864c - 00000000 GlobalRouter DIGITALCERT INFO Digicert Key-pair generation is in progress Switch:1(config):#1 2021-06-22T11:33:53.052Z VSP-4900-24XE CP1 - 0x003a8604 - 00000000 GlobalRouter DIGITALCERT INFO Generation of RSA key-pair for digital certificate is successful 1 2021-06-22T11:33:58.711Z Switch CP1 - 0x003a864d - 00000000 GlobalRouter DIGITALCERT INFO Digicert Key-pair generation completed successfully for key-name: pki_key
Display the configured key pairs:
Switch:1>show certificate key-name Key Name: pki_key Public Key Value: 00000000000000010000000102000000000301000100000100bdb1cf8382d66a2d2d0d24b4477908641c16423c089d9131781a3ada005e 52074e1ff3561e29598f93c53dcb06e4d235335573419bb938b6ccf93d3e6767d0932e129ea2f556276efce2be825df1f9dc661d3cafee7125f4f7126f5ba7e8 d9029623398b7d3fb00063ea0e4bedd56e276c52a6371b289de3ee4198ff2397b512b516604eac4e5f0f4a0621d7ac42541491d368f21e17a440aa6130a825a2 a7ca6ab1d7a7868f93e4d0d83c7e4973cf204b4f5f654abbaa9aa6199247976488b0957e65b656a6d21a2a4ac4d322a36c786d8a8deec763b6aec0d05b0f6bfe 87602caecb2cc71e2e4f9f4f8c4d4d4e9b25adf9c02eb44b763542f0449a326d0f3b Key Name: rsa_2048 Public Key Value: 00000000000000010000000102000000000301000100000100c150b1851644aaaef08060f3b3a7a0618758b84184867ffd80b3e02ec306 76171fe36e99f5450656fc6e6db672b6239f760c97c3e49639cea5d503c0e478bf7a4d213d5698d09d63622ccb279addbaa34135c81d70660489b55b6babca59 4f17d8ed250cf917325df0f73a10896157e6e3a24a584bc713b2e6493d059c8efd53bbbf5db0aa95b43c1668ba1053d0fe0e5c44dc889bd35bf11730e5827cb2 068048ab97e9f0757514f47332337376eed83a7cb95a53462639f5a47f026b0172cfa3ddffee7269e737a32d8f2e5590a9ee07d3f329af4e4f2a73ed9de59991 6bc25e6ac51e482cbbb71f736ec0e396fc314e5eed3c438efff68d1a31bdbed24d55
Variable Definition
The following table defines parameters for the generate-keypair command.
Variable |
Value |
---|---|
type rsa |
Specifies type of cryptography algorithm used to generate the key-pair. The switch uses only rsa as the cryptography algorithm type. |
size 2048 |
Specifies the size or modulus of key-pair to be generated. The switch only supports 2048. |
key-name WORD<1-45> Note:
Exception: Not supported on VSP 8600 Series. |
Specifies the key label for RSA 2048 key to be generated. You can configure up to 10 RSA keys by specifying the key-name label. The default key-name label is rsa_2048. |