Describes certificate management in Cisco Catalyst SD-WAN, including how certificates are used to authenticate and authorize control connections between edge devices and SD-WAN Control Components. It covers certificate installation, validation, renewal, staging, and related SD-WAN Manager workflows.
Feature history of certificate management
Developments in certificate management, by release.
Managing certificates in SD-WAN Manager
Describes the information that SD-WAN Manager provides about certificates, and the controls for managing them.
Stage a WAN edge device
Procedure for staging a device.
Invalidate a device
Procedure to invalidate WAN edge devices.
Send SD-WAN Controller serial numbers to the SD-WAN Validator
Procedure to send the controller serial numbers to the SD-WAN Validator.
Install a signed certificate
Procedure to manually install a signed certificate.
Export a root certificate
Describes how to export a root certificate, saving it as a file.
View a certificate signing request
Procedure to view a certificate signing request.
View a device certificate signing request
Procedure to view a device certificate signing request.
View a certificate
Procedure to view a certificate.
Generating a certificate signing request
Procedure to generate a certificate signing request.
Reset the RSA key pair
Procedure to reset the RSA key pair.
Invalidate an SD-WAN Control Component
Procedure to invalidate a device.
Invalidate a device certificate
Procedure to invalidate a device certificate.
View a log of certificate activities
Procedure to view the log of certificate activities.
View a signed certificate
Procedure to view a signed certificate.
Revoking certificates
Procedure to revoke, from devices, the designated certificates that are included in a certificate revocation list (CRL), which is obtained from a root certificate authority (CA).
Restrictions for revoking certificates
Describes restrictions to be aware of while revoking certificates.
Revoke certificates
Procedure to revoke enterprise certificates from devices based on a certificate revocation list.
Cisco PKI certificates
A Cisco SD-WAN public key infrastructure (PKI) certificate is a digital certificate that provides automated certificate management by linking certificates to a Smart Account and Virtual Account, and supports a variety of security protocols.
Renew a certificate
Procedure to renew a certificate.
How SD-WAN Manager installs a certificate on an edge device
Describes how SD-WAN Manager stages and tests new edge device certificates with the SD-WAN Validator before installation, completing the install only if the staged certificate successfully establishes a validated control connection.
Install a web server certificate
Procedure to install a web server certificate.