Specifications

ManualsBrandsCisco ManualsAnswering MachineUnity Express 8.0 Voice-Mail System

301

302

303

304

305

306

307

308

309

310

15-2

Cisco Unity Express Voice-Mail and Auto-Attendant CLI Administrator Guide for 3.0 and Later Versions

OL-14010-09

Chapter 15 Configuring Security

Obtaining a Certificate and Private Key

Cisco Unity Express requires a default certificate and private key before the IMAP server is configured

for SSL and can accept SSL connections. Two procedures are available to obtain a certificate-key pair:

• Generating a Certificate-Key Pair—A command automatically generates the pair.

• Importing a Certificate-Key Pair—A command imports a pair from the console or a remote server.

Generating a Certificate-Key Pair

Starting in Cisco Unity Express configuration mode, use the following command to have the

Cisco Unity Express system generate a certificate-key pair:

crypto key generate [rsa {label label-name | modulus modulus-size} | default]

where rsa is the supported encryption algorithm, label-name is the name assigned to the certificate-key

pair, modulus-size is a number between 512 and 1024 used for generating a key, and default designates

the generated certificate-key pair as the system default. If you do not select any keywords or do not

specify a label, the system automatically generates a certificate-key pair with a name in the format

hostname.domainname.

The following example generates a default certificate-key pair with the label alphakey.myoffice.

se-10-0-0-0# config t

se-10-0-0-0(config)# crypto key generate label alphakey.myoffice modulus 600 default

se-10-0-0-0(config)# end

Importing a Certificate-Key Pair

Starting in Cisco Unity Express configuration mode, use the following command to import a

certificate-key pair:

crypto key import rsa label label-name {der url {ftp: | http:} | pem {terminal | url {ftp: | http:}}

[default]

where the parameters are defined as follows:

• rsa is the supported encryption algorithm.

• label label-name is the name assigned to the certificate-key pair.

• der and pem are the encoding formats of the imported certificate.

• terminal indicates that the import is coming from the console.

• url {ftp: | http:} indicates that the import is coming from a remote server at the specified URL.

• default designates the imported certificate-key pair as the system default.

The command prompts you for the certificate and private key information.

The following example imports a default certificate-key pair with the label alphakey.myoffice.

se-10-0-0-0# config t

se-10-0-0-0(config)# crypto key import rsa label alphakey.myoffice pem terminal

Enter certificate...

End with a blank line or “quit” on a line by itself

Enter private key...

Private key passphrase?