Skip to main content

Creating an Entrust SSL certificate for Cisco SCA

User-added image
For Cisco SCA

This process is in three parts:
1) Creating your Private Key
2) Creating your Certificate Signing Request (CSR)
3)
Installing your Certificate

Part 1 of 3: Creating your Private Key Please issue the following commands to create your private key:

# config
# ssl
# key new_key create
# genrsa bits 1024 encrypt des output entrust_key
You can specify up to 2048 as the bit length for the key. You must enter a password this key. Do not forget this password. Part 2 of 3: Creating your Certificate Signing Request (CSR) Please issue the following command to create your CSR:

# gencsr key entrust_key
This command uses entrust_key as the identifier for the key that was just generated. The CSR must correspond to a key that you have created. You will need to specify the following fields in your CSR: Common name: Enter the domain that is to be secured on the certificate. This is usually a fully qualified domain name (e.g. mydomain.com). Organization: Enter the legal business name of the organization. Organizational Unit : Enter the your department name (e.g. IT). City/Locality: The city in which your company is currently located. State/Province: The state in which your company is currently located. Country/Region: Select your country/Region. Part 3 of 3: Installing your Certificate First, you must install your webserver certificate . Copy your certificate from the browser and paste it into a text editor. Save it as a .crt file. You can install your certificate by using the following command

# enable
# configure
# cert Entrust_cert create
# pem-paste
Copy your certificate from the browser and paste it into the Cisco prompt. Your certificate has been stored as Entrust_Cert. You must now install the Entrust Root Certificate . Please verify which root certificate you need. You can obtain the root here: https://www.entrust.com/get-support/ssl-certificate-support/root-certificate-downloads/​ Simply copy and paste the root certificate into a text editor and save it as a entrustroot.crt

# ssl
# cert EntrustRoot create
# pem entrustroot.crt
Next, you will need to install the Entrust Intermediate Certificate (Cross Certificate) Copy the Cross Certificate from the browser and save it as entrustInt.crt. Use the following command to store this certificate:
# ssl
# cert EntrustInt create
# pem entrustInt.crt
# certgroup CACertGroup create
# cert EntrustInt
# cert EntrustRoot
# end 
You must now create a logical server:
# server server1 create
# ip address 10.1.2.4
# localport 443
# remoteport 81
# secpolicy myPol
# certgroup chain CACertGroup
# cert new_cert
# key new_key
# finished
# write flash
The certificate is now installed.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance:

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: Smart Phone users may use the 1-800 numbers shown in the table below.
Otherwise, it is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.

Country Number
Australia 0011 - 800-3687-7863
1-800-767-513
Austria 00 - 800-3687-7863
Belgium 00 - 800-3687-7863
Denmark 00 - 800-3687-7863
Finland 990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France 00 - 800-3687-7863
Germany 00 - 800-3687-7863
Hong Kong 001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland 00 - 800-3687-7863
Israel 014 - 800-3687-7863
Italy 00 - 800-3687-7863
Japan 001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea 001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia 00 - 800-3687-7863
Netherlands 00 - 800-3687-7863
New Zealand 00 - 800-3687-7863
0800-4413101
Norway 00 - 800-3687-7863
Singapore 001 - 800-3687-7863
Spain 00 - 800-3687-7863
Sweden 00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland 00 - 800-3687-7863
Taiwan 00 - 800-3687-7863
United Kingdom 00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088