RSA Key Management

About this task

Refer to the RSA Keys screen to review existing RSA key configurations that have been applied to managed devices. If an existing key does not meet the needs of a pending certificate request, generate a new key or import/export an existing key to and from a remote location.

RSA (Rivest, Shamir, and Adleman) is an algorithm for public key cryptography. The algorithm can be used for certificate signing and encryption. When a device trustpoint is created, the RSA key is the private key used with the trustpoint.

To review existing device RSA key configurations, generate additional keys, or import/export keys to and from remote locations:

Procedure

  1. In the Certificate Management screen, select Launch Manager from either the SSH RSA Key, RADIUS Certificate Authority, or RADIUS Server Certificate parameters.
  2. Click RSA Keys from the Certificate Management screen.
    Click to expand in new window
    Certificate Management - RSA Keys Screen
    GUID-9C8CFDD5-4795-448A-BACF-B79B5683A90C-low.png
  3. Select a listed device to review its current RSA key configuration.
    Each key can have its size and character syntax displayed. Once reviewed, optionally generate a new RSA key, import a key from a selected device, export a key to a remote location, or delete a key from a selected device.
  4. Click Generate Key to create a new key with a defined size.
    Click to expand in new window
    Certificate Management - Generate RSA Keys Screen
    GUID-E760CE0C-DC1B-4AB8-B047-AAE535785053-low.png
  5. Define the following configuration parameters required for the Import of the key.
    Key Name Enter the 32-character maximum name assigned to the RSA key.
    Key Size Set the size of the key as either 2048 (bits) or 4096 (bits). Leaving this value at the default setting of 2048 is recommended to ensure optimum functionality.
  6. Click OK to generate the RSA key.
    Click Cancel to revert to the last saved configuration.
9036314-02 REV AA