Skip to main content

Certificate Services Support

Please issue the following commands to create your private key:
# config 
# ssl 
# key new_key create 
# genrsa bits 1024 encrypt des output entrust_key

You can specify up to 2048 as the bit length for the key. You must enter a password this key. Do not forget this password.
Please issue the following command to create your CSR:
# gencsr key entrust_key

This command uses entrust_key as the identifier for the key that was just generated. The CSR must correspond to a key that you have created. You will need to specify the following fields in your CSR:
Common name: Enter the domain that is to be secured on the certificate. This is usually a fully qualified domain name (e.g.
Organization: Enter the legal business name of the organization.
Organizational Unit: Enter the your department name (e.g. IT).
City/Locality: The city in which your company is currently located.
State/Province: The state in which your company is currently located.
Country/Region: Select your country/Region.
First, you must install your webserver certificate. Copy your certificate from the browser and paste it into a text editor. Save it as a .crt file.
You can install your certificate by using the following command
# enable
# configure
# cert Entrust_cert create
# pem-paste

Copy your certificate from the browser and paste it into the Cisco prompt. Your certificate has been stored as Entrust_Cert.
You must now install the Entrust Root Certificate. Please verify which root certificate you need. You can obtain the root here:
Simply copy and paste the root certificate into a text editor and save it as a entrustroot.crt
# ssl 
# cert EntrustRoot create 
# pem entrustroot.crt

Next, you will need to install the Entrust Intermediate Certificate (Cross Certificate)
Copy the Cross Certificate from the browser and save it as entrustInt.crt. Use the following command to store this certificate:
# ssl 
# cert EntrustInt create 
# pem entrustInt.crt

# certgroup CACertGroup create 
# cert EntrustInt
# cert EntrustRoot
# end 
You must now create a logical server:
# server server1 create 
# ip address 
# localport 443 
# remoteport 81 
# secpolicy myPol 
# certgroup chain CACertGroup 
# cert new_cert 
# key new_key 
# finished 
# write flash

The certificate is now installed.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance: 

Hours of Operation: 
Sunday 8:00 PM ET to Friday 8:00 PM ET 
North America (toll free): 1-866-267-9297 
Outside North America: 1-613-270-2680 (or see the list below) 
NOTE: Smart Phone users may use the 1-800 numbers shown in the table below.
Otherwise, it is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call. 

Australia0011 - 800-3687-7863
Austria00 - 800-3687-7863
Belgium00 - 800-3687-7863
Denmark00 - 800-3687-7863
Finland990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France00 - 800-3687-7863
Germany00 - 800-3687-7863
Hong Kong001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland00 - 800-3687-7863
Israel014 - 800-3687-7863
Italy00 - 800-3687-7863
Japan001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia00 - 800-3687-7863
Netherlands00 - 800-3687-7863
New Zealand00 - 800-3687-7863
Norway00 - 800-3687-7863
Singapore001 - 800-3687-7863
Spain00 - 800-3687-7863
Sweden00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland00 - 800-3687-7863
Taiwan00 - 800-3687-7863
United Kingdom00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088
Entrust Enters Exclusive Discussions to Acquire Onfido