Cisco router CA server

Published by Matt Clemons on

Easy way to create a CA server for testing purposes.

hostname CA

crypto key generate rsa label PKI modulus 2048

ip http server

crypto pki server PKI 
  database url flash:
  database level complete
  issuer-name cn=rootca.test.local
  hash sha256
  database archive pkcs12 password Cisco123
  grant auto
  no shut

crypto pki export PKI pem url flash:
yes

tftp-server flash:PKI.ca

crypto pki export PKI pem terminal !Get a text based version of the CA cert.

Config your Network interfaces.

Gen a CSR on whatever you need a cert for.

Then back on the router, use the CSR to gen a cert.

crypto pki server PKI request pkcs10 terminal

Paste in your CSR, and the router will output the cert in base64.

Categories: HardwareSecurity

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Security

Nuclei

When it comes to automated vulnerability scanning, Nuclei is one of the best open source tools out there. It’s fast, flexible, and extensible with thousands of community templates. Masscan is like nmap on steroids. We’ll Read more

Security

CISSP 3: Security and Risk Management Essentials

In the CISSP world, understanding Security and Risk Management is like building a solid foundation for a house. It supports everything else you do in cybersecurity. This domain forms the core of the CISSP Common Read more

Security

T-Pot

T-Pot is an open-source honeypot framework designed to emulate multiple attack surfaces and gather data on malicious activities. This blog post walks through the installation process on an Ubuntu 20.04 server, and demonstrates how to Read more