Describes verification procedures for trustpoint configurations on network devices to confirm secure authentication for system logging.
Display the contents of a syslog file to verify the trustpoint configuration.
Verifying server authentication
Example:
Cisco XE SD-WAN# show crypto pki trustpoints status
crypto pki trustpoint SYSLOG-SIGNING-CA
enrollment url bootflash:vmanage-admin/
fqdn none
fingerprint xxxxxx
revocation-check none
subject-name CN=CSR-cbc47d9d-..._vManage Root CA
Verifying mutual authentication
Example:
Cisco XE SD-WAN# show crypto pki trustpoints status
crypto pki trustpoint SYSLOG-SIGNING-CA
enrollment url bootflash:vmanage-admin/
fqdn none
fingerprint xxxxxx
revocation-check none
rsakeypair SYSLOG-SIGNING-CA 2048
subject-name CN=CSR-cbc47d9d-..._vManage Root CA
Verify trustpoints on a device for a syslog-signing-CA certificate
Example:
Cisco XE SD-WAN# show crypto pki trustpoints SYSLOG-SIGNING-CA status
Trustpoint SYSLOG-SIGNING-CA:
Issuing CA certificate not configured.
State:
Keys generated ............. No
Issuing CA authenticated ....... No
Certificate request(s) ..... None