Removing Self-assigned RSA Key

01 May 2014

Enabling the HTTP server on a Cisco router automatically generates a self-signed certificate. That is convenient, but when you later turn the HTTP server off, the self-signed certificate stays behind and makes the running-config a bit messy. Here are the steps to remove the self-signed certificate if it's no longer needed.

cisco887(config)#do show crypto key mypubkey rsa

cisco887(config)#no crypto pki trustpoint TP-self-signed-483521904
% Removing an enrolled trustpoint will destroy all certificates
 received from the related Certificate Authority.

Are you sure you want to do this? [yes/no]: yes
% Be sure to ask the CA administrator to revoke your certificates.

cisco887(config)#crypto key zeroize rsa TP-self-signed-483521904
% Keys to be removed are named 'TP-self-signed-4294967295'.

% All router certs issued using these keys will also be removed.

Do you really want to remove these keys? [yes/no]: yes
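To find the same leftover across many saved configs, the check below (an added example, not part of the original post) parses a running-config, reports self-signed trustpoints that remain while no HTTP/HTTPS server is enabled, and builds the two removal commands shown above. The sample config is constructed, `corp-ca` and `corp-key` are hypothetical names, and the standard `crypto pki trustpoint` / `rsakeypair` layout is assumed.

```python
import re

# Constructed running-config excerpt (not captured from a real device).
SAMPLE_CONFIG = """\
hostname cisco887
!
crypto pki trustpoint TP-self-signed-483521904
 enrollment selfsigned
 rsakeypair TP-self-signed-483521904
!
crypto pki trustpoint corp-ca
 rsakeypair corp-key
!
no ip http server
no ip http secure-server
"""

TRUSTPOINT = re.compile(r"^crypto pki trustpoint (TP-self-signed-\S+)\s*$")
KEYPAIR = re.compile(r"^\s+rsakeypair (\S+)")
HTTP_ON = re.compile(r"^ip http (secure-)?server\s*$")

def leftover_self_signed(config):
    """Return [(trustpoint, rsa_key_label)] left behind with no HTTP(S) server enabled."""
    current, found = None, {}
    for line in config.splitlines():
        if HTTP_ON.match(line):
            return []              # a server is still enabled: certificate is in use
        m = TRUSTPOINT.match(line)
        if m:
            current = m.group(1)
            found[current] = None  # key label unknown until an rsakeypair line is seen
        elif current and line.startswith(" "):
            k = KEYPAIR.match(line)
            if k:
                found[current] = k.group(1)
        else:
            current = None         # left the trustpoint sub-block
    return sorted(found.items())

def removal_commands(config):
    """Build the config-mode commands from the post for each leftover trustpoint."""
    cmds = []
    for trustpoint, key in leftover_self_signed(config):
        cmds.append(f"no crypto pki trustpoint {trustpoint}")
        if key:
            # Labelled form removes only this key pair; other RSA keys (e.g. SSH) stay.
            cmds.append(f"crypto key zeroize rsa {key}")
    return cmds
```

Both generated commands prompt for a yes/no confirmation on the router, as in the session above.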