trustpoint sign

Configures the trustpoint to the server certificate profile that is used to sign the server certificate.

Syntax

trustpoint sign { trustpoint-name }
no trustpoint sign

Command Default

By default, the trustpoint is not configured.

Parameters

trustpoint-name
Defines the name of the trustpoint you are configuring. This name needs to be the same as that of the trustpoint created by the crypto ca trustpoint command. The string for the name cannot be left blank. The length of the string can range from 1 through 64 characters.

Modes

SSH server profile server configuration mode

Usage Guidelines

Use the no form of the command to remove the trustpoint configured on the device.

The trustpoint must be configured before you run this command. The same trustpoint must be used to sign and import the server certificate using the following commands: crypto ca authenticate, crypto ca enroll, crypto ca import, and crypto ca trustpoint.

Examples

The following example configures a trustpoint named myca. 

device# configure terminal
device(config)# ssh server certificate profile server
device(ssh-server-cert-profile-server)# trustpoint sign myca
9036689-01 Rev AA