Generate the Key Pair on Fabric IPsec Gateway VM

About this task

Use the following procedure to generate the private and public key pair. By default, VOSS generates a 2,048 RSA key when the system starts. You can use this procedure to generate a new key.

Before you begin

  • Configure an EJBCA CA server.

  • Configure a route from Fabric IPsec Gateway to the EJBCA CA server.

Procedure

  1. Enter Fabric IPsec Gateway Configuration mode:

    enable

    virtual-service WORD<1-128> console

    Note

    Note

    Type CTRL+Y to exit the console.

  2. Generate the key:

    certificate generate key <type> <size> <key-label>

Example

Switch:1>enable
Switch:1#virtual-service FIGW console
FIGW>certificate generate key rsa 2048 key_rsa
  fingerprint:    09ac0c64b9bf3ad04dc67f20942c674e

Variable Definitions

The following table defines parameters for the certificate generate key command.

Variable Value

key-label

Specifies the key name of the generated key pair.

size

Specifies the size of key-pair to be generated. The switch supports 2048.

type

Specifies the type of cryptography algorithm used to generate the key-pair. The switch uses only rsa as the cryptography algorithm type.