Specifications
3-58
Cisco Wide Area Application Services Command Reference
OL-21611-01
Chapter 3 CLI Commands
crypto import
crypto import
To import SSL certificates and key files, use the crypto import EXEC command.
crypto import {ca-certificate filename | pkcs12 { filename | admin} [exportable]}{pem-cert-key
| pkcs12}}{disk pathname | ftp address | sftp address | terminal | tftp address}
Syntax Description
Defaults No default behavior or values.
Command Modes EXEC
Device Modes application-accelerator
Usage Guidelines The Central Manager admin service uses a self-signed certificate and key by default. You can use the
crypto import pkcs12 admin command to import a custom certificate and key in PKCS12 or PEM
format. If you delete the custom certificate and key, the self-signed certificate and key again become
active.
ca-certificate filename Import a certificate authority certificate file. The name of the CA certificate
file to be imported (PEM format) must have .ca extension.
pkcs12 filename Specifies a certificate intended for the management or an accelerated
service (PKCS12 format). A PKCS12 file contains both the private
encryption key and the public key certificate. The name of the PKCS12 file
to be imported must have a .p12 extension.
Note: DSA-encoded certificates are not supported and will not be imported.
admin Specifies that the certificate and key are for the Central Manager admin
service. This option can be used only on the Central Manager.
exportable Configures the imported certificate to be exportable.
pem-cert-key Import both the certificate and key in PEM format.
When you use pem-cert-key, you must specify the pathname and filename
or the address and filename for both the certificate file and the key file for
disk, ftp, sftp, and tftp.
pkcs12 Import both the certificate and key in PKCS12 format.
disk pathname Import from a disk. Type the disk filename including the full path.
ftp address Import from FTP. Type the FTP server’s IP address or hostname.
sftp address Import from secure FTP. Type the secure FTP server’s IP address or
hostname.
terminal
Import from a terminal.
tftp address Import from TFTP. Type the TFTP server’s IP address or hostname.