Use this command to generate a self-signed certificate for HTTPS. This command enters the Crypto Certificate Generation mode. Enter the fields, such as key-generate, duration, location, and so on. The generated RSA key for SSL has a length specified by the key-generate field. Use the exit command to exit from Crypto Certificate Generation mode and generate the self-signed certificate.
Note:
The switch uses SHA2-256 to sign the generated certificate, and the key length of the certificate generated is 2048 bits.
| Format | crypto certificate 1-2 generate |
| Mode | Global Config |
Example: The following example shows the fields entered by the user to generate a self-signed certificate.
(Routing)(config)#crypto certificate 1 generate
(Routing)(config-crypto-cert-gen)#?
common-name Specifies the common name.
country Specifies the country name.
do Run Privileged Exec mode commands.
duration Specifies number of days a self-signed
certification would be valid.
email Specifies the contact email address.
exit To exit from the mode.
key-generate Regenerate SSL RSA key. If unspecified defaults to
1024.
location Specifies the location or city name.
organization-name Specifies the organization name
organization-unit Specifies the organization internal unit
show Display Switch Options and Settings.
state Specifies the state or province name.
(Routing)(config-crypto-cert-gen)#
(Routing)(config-crypto-cert-gen)#key-generate 1024
(Routing)(config-crypto-cert-gen)#exit
Certification Generation Successful..
(Routing)(config)#
