Specifications

ManualsBrandsCisco ManualsComputer equipment7935 - IP Conference Station VoIP Phone

121

122

123

124

125

126

127

128

129

130

Setting Up Secure Survivable Remote Site Telephony

How to Configure Secure SRST

114

Cisco Unified Survivable Remote Site Telephony Version 4.0 System Administrator Guide

DETAILED STEPS

Command or Action Purpose

Step 1

crypto pki server

cs-label

Example:

Router (config)# crypto pki server srstcaserver

Enables the certificate server and enters certificate server

configuration mode.

Note If you manually generated an RSA key pair, the

cs-label argument must match the name of the key

pair.

For more information on the certificate server, see the

Cisco IOS Certificate Server documentation.

Step 2

database level {minimal | names | complete}

Example:

Router (cs-server)# database level complete

Controls what type of data is stored in the certificate

enrollment database.

• minimal—Enough information is stored only to

continue issuing new certificates without conflict; this

is the default.

• names—In addition to the information given in the

minimal level, the serial number and subject name of

each certificate are stored.

• complete—In addition to the information given in the

minimal and names levels, each issued certificate is

written to the database.

Note The complete keyword produces a large amount of

information; if it is issued, you should also specify

an external TFTP server on which to store the data

via the database url command.

Step 3

database url

root-url

Example:

Router (cs-server)# database url nvram

Specifies the location where all database entries for the

certificate server will be written. After you create a

certificate server via the crypto pki server command, use

this command to specify a combined list of all the

certificates that have been issued. The root-url argument

specifies the location where database entries are written.

• The default location for the database entries to be

written is flash; however, NVRAM is recommended for

this task.

Step 4

issuer-name

DN-string

Example:

Router (cs-server)# issuer-name CN=srstcaserver

Sets the CA issuer name to the specified distinguished name

(DN-string). The default value is as follows:

issuer-name CN=cs-label.