2-8
Catalyst 6500 Series Switch SSL Services Module Command Reference
OL-9105-01
Chapter2 Commands for the Catalyst 6500 Series SSL Services Module
crypto pki export pem
You can change the default file extensions when prompted. The default file extensions are as follows:
• public key (.pub)
• private key (.prv)
• certificate (.crt)
• CA certificate (.ca)
• signature key (-sign)
• encryption key (-encr)
Note In SSL software release 1.2, only the private key (.prv), the server certificate (.crt), and the issuer CA
certificate (.ca) of the server certificate are exported. To export the whole certificate chain, including all
the CA certificates, use a PKCS12 file instead of PEM files.
Examples This example shows how to export a PEM-formatted file on the SSL Services Module:
ssl-proxy(config)# crypto ca export TP5 pem url tftp://10.1.1.1/tp99 3des password
% Exporting CA certificate...
Address or name of remote host [10.1.1.1]?
Destination filename [tp99.ca]?
% File 'tp99.ca' already exists.
% Do you really want to overwrite it? [yes/no]: yes
!Writing file to tftp://10.1.1.1/tp99.ca!
% Key name: key1
Usage: General Purpose Key
% Exporting private key...
Address or name of remote host [10.1.1.1]?
Destination filename [tp99.prv]?
% File 'tp99.prv' already exists.
% Do you really want to overwrite it? [yes/no]: yes
!Writing file to tftp://10.1.1.1/tp99.prv!
% Exporting router certificate...
Address or name of remote host [10.1.1.1]?
Destination filename [tp99.crt]?
% File 'tp99.crt' already exists.
% Do you really want to overwrite it? [yes/no]: yes
!Writing file to tftp://10.1.1.1/tp99.crt!
ssl-proxy(config)#
Related Commands crypto pki import pem
