Rehosting a software license - Cisco License Call Home. Note: If the switch is running a software image earlier than Cisco IOS 12.2(46)SE, to run IP base feature - remove the IP services license from the switch, save the switch running configuration, and reload the switch. The system serial number for this type of equipment 2) The Cisco IOS type and version shown for these models 3) The name of the preferred SW image 4) How much NVRAM is present on the models. Step 1: Get a Cisco serial number. We’ll use FOC0849N1BD. The serial number can be obtained by looking at the rear of the device and it will be a white sticker with black printed letter, alternatively enter the command “show version” onto the command line and look for the serial number in the output.
Cisco Ios Free Download
Configure a certificate compatible with Cisco IOS by XCA on Ubuntu.
- Export a CA certificate in PEM-encoding on XCA:
Cisco Ios 15 License Keygen Key
Click an image to zoom in.
Open the saved certificate file (TestCA.crt) by text editor.
-----BEGIN CERTIFICATE----- MIIDUjCCAjqgAwIBAgIBATANBgkqhkiG9w0BAQUFADBNMQswCQYDVQQGEwJKUDEO MAwGA1UECBMFVG9reW8xEDAOBgNVBAoTB2V4YW1wbGUxHDAaBgNVBAMTE2Npc2Nv .... aEXQ/TpHN3IQ5DwOakXFdbNgP1uP8IhvDLB7wnPY1cJpIFU4CB0= -----END CERTIFICATE----- |
- Generate RSA keys and create a Certificate Signing Request (CSR) on Cisco IOS (cisco1.example.com)
See Command References for Cisco IOS 15.1M&T for more details.
router(config)# show version .... Cisco IOS Software, 1841 Software (C1841-ADVSECURITYK9-M), Version 15.1(4)M8, RELEASE SOFTWARE (fc2) .... Cisco 1841 (revision 7.0) with 239616K/22528K bytes of memory. .... |
router(config)# hostname cisco1 cisco1(config)# ip domain example.com |
cisco1(config)# crypto key generate rsa modulus 2048 general-keys The key modulus size is 2048 bits Generating 2048 bit RSA keys, keys will be non-exportable...[OK] |
cisco1(config)# crypto pki trustpoint ciscoca cisco1(ca-trustpoint)# enrollment terminal cisco1(ca-trustpoint)# fqdn none cisco1(ca-trustpoint)# ip-address none cisco1(ca-trustpoint)# subject-name CN=cisco1.example.com,O=example,ST=Tokyo,C=JP cisco1(ca-trustpoint)# rsakeypair cisco1.example.com cisco1(ca-trustpoint)# revocation-check none cisco1(ca-trustpoint)# exit |
cisco1(config)# crypto pki authenticate ciscoca Enter the base 64 encoded CA certificate. End with a blank line or the word 'quit' on a line by itself (Paste the PEM-encoded contents of above TestCA.crt. The PEM header and footer are not included.) MIIDUjCCAjqgAwIBAgIBATANBgkqhkiG9w0BAQUFADBNMQswCQYDVQQGEwJKUDEO MAwGA1UECBMFVG9reW8xEDAOBgNVBAoTB2V4YW1wbGUxHDAaBgNVBAMTE2Npc2Nv .... aEXQ/TpHN3IQ5DwOakXFdbNgP1uP8IhvDLB7wnPY1cJpIFU4CB0= Do you accept this certificate? [yes/no]: yes Trustpoint CA certificate accepted. Certificate successfully imported cisco1(config)# exit cisco1# show crypto pki certificates ... CA Certificate Status: Available Certificate Serial Number (hex): 01 Certificate Usage: General Purpose Issuer: cn=testca.example.com o=example st=Tokyo c=JP Subject: cn=testca.example.com o=example st=Tokyo c=JP Validity Date: start date: xxxx end date: xxxx Associated Trustpoints: ciscoca Storage: nvram:ciscocaexamp#1CA.cer |
cisco1(config)# crypto pki enroll ciscoca Start certificate enrollment .. .... Include the router serial number in the subject name? [yes/no]: no .... Display Certificate Request to terminal? [yes/no]: yes Certificate Request follows: MIICsjCCAZoCAQAwTDELMAkGA1UEBhMCSlAxDjAMBgNVBAgTBVRva3lvMRAwDgYD VQQKEwdleGFtcGxlMRswGQYDVQQDExJjaXNjbzEuZXhhbXBsZS5jb20wggEiMA0G .... KKdrWOkisCNsOfivsOPXoA5Cw53aVQ |
Copy the displayed Certificate Request (CSR) contents (PEM), paste into a file by text editor and then save it as cisco1.example.com.csr.
Click an image to zoom in.
Before saving the file, you need to add the PEM header and footer like this:
-----BEGIN CERTIFICATE REQUEST----- MIICsjCCAZoCAQAwTDELMAkGA1UEBhMCSlAxDjAMBgNVBAgTBVRva3lvMRAwDgYD
VQQKEwdleGFtcGxlMRswGQYDVQQDExJjaXNjbzEuZXhhbXBsZS5jb20wggEiMA0G
....
KKdrWOkisCNsOfivsOPXoA5Cw53aVQ
-----END CERTIFICATE REQUEST-----
- Sign and export a new certificate for cisco1.example.com by XCA:
- Import the Certificate Signing Request (CSR) for cisco1.example.com.
- Sign a certificate for cisco1.example.com by TestCA.
- Export the certificate to a PEM file.
- File name: cisco1.example.com.crt - Open the signed certificate file (cisco1.example.com.crt) by text editor and copy the contents without the PEM header and footer.
Click an image to zoom in.
Click an image to zoom in.
Click an image to zoom in.
- Import the signed certificate into Cisco IOS (cisco1.example.com)
cisco1(config)# crypto pki import ciscoca certificate Enter the base 64 encoded certificate. End with a blank line or the word 'quit' on a line by itself (Paste the certificate contents copied from the text editor above.) MIIDTzCCAjegAwIBAgIBAjANBgkqhkiG9w0BAQUFADBMMQswCQYDVQQGEwJKUDEO MAwGA1UECBMFVG9reW8xEDAOBgNVBAoTB2V4YW1wbGUxGzAZBgNVBAMTEnRlc3Rj .... pS/8x8Azvi9uXDp/Uv8FX5WtgmctUAqYlHogq9FN/PsSKNU= Router Certificate successfully imported |
cisco1# show crypto pki certificates Certificate Status: Available Certificate Serial Number (hex): 03 Certificate Usage: General Purpose Issuer: cn=testca.example.com o=example st=Tokyo c=JP Subject: Name: cisco1.example.com cn=cisco1.example.com o=example st=Tokyo c=JP Validity Date: start date: xxxxxx end date: xxxxxx Associated Trustpoints: ciscoca Storage: nvram:ciscocaexamp#2.cer CA Certificate Status: Available Certificate Serial Number (hex): 01 Certificate Usage: General Purpose Issuer: cn=ciscoca.example.com o=example st=Tokyo c=JP Subject: cn=ciscoca.example.com o=example st=Tokyo c=JP Validity Date: start date: xxxxxx end date: xxxxxx Associated Trustpoints: ciscoca Storage: nvram:ciscocaexamp#1CA.cer cisco1# show crypto pki trustpoints status Trustpoint ciscoca: Issuing CA certificate configured: Subject Name: cn=testca.example.com,o=example,st=Tokyo,c=JP Fingerprint MD5: xxxxxx AE222650 xxxxxx 3CE7EFFC Fingerprint SHA1: xxxxxx 88837420 xxxxxx 55B0EC8E xxxxxx Router General Purpose certificate configured: Subject Name: cn=cisco1.example.com,o=example,st=Tokyo,c=JP Fingerprint MD5: xxxxxx 1DC1EACB xxxxxx 8C16CA3E Fingerprint SHA1: xxxxxx 3C2DBF77 xxxxxx D35604A3 xxxxxx State: Keys generated ............. Yes (General Purpose, non-exportable) Issuing CA authenticated ....... Yes Certificate request(s) ..... Yes |