Copy and Paste the contents of the generated CA certificate after executing the CLI ' crypto ca authenticate onep-tp' in ASR 9000
XR Server's 'Certificate request' with the CLI ' crypto ca enroll onep-tp'.
Below is the snippet collected during certificate request generation,
Password: (cisco)Re-enter Password: (cisco)% The subject name in the certificate will include: CN=ASR9K-8.cisco.com% The subject name in the certificate will include: ASR9K-8.cisco.com% Include the router serial number in the subject name? [yes/no]: yes% The serial number in the certificate will be: f15db8e1% Include an IP address in the subject name? [yes/no]: yesEnter IP Address 192.168.122.1 (This should be RSP address used for establishing the connected apps) Fingerprint: 44383334 43413532 30324435 35393534Display Certificate Request to terminal? [yes/no]: yes Certificate Request follows:# --License-----End - This line not part of the certificate request--- Redisplay enrollment request? [yes/no]: no
Now collect the
generated 'certificate request' and get it signed by the Certificate Authority
signed certificate in ASR90000 with the CLI ' crypto ca import onep-tp
certificate' (copy paste the signed certificate here)
Can check the
certificate status in ASR90000 with the show CLI ' show crypto ca certificates'