506 Web ServerCommand ModeGlobal Configuration mode.User Guidelines• The command is not saved in the device configuration; however, the certificate and keys generated bythis command are saved in the private configuration (which is never displayed to the user or backed upto another device).• Use this command to generate a self-signed certificate for the device.• If the RSA keys do not exist, parameter key-generate must be used.• When you export an RSA key pair to a PKCS#12 file, the RSA key pair is as secure as the passphrase.Therefore, keep the passphrase secure.ExampleThe following example regenerates an HTTPS certificate.crypto certificate requestThe crypto certificate request Privileged EXEC mode command generates and displays certificaterequests for HTTPS.Syntax• crypto certificate number request [cn common- name ][ou organization-unit][or organization] [loclocation] [st state] [cu country]• number — Specifies the certificate number. (Range: 1 - 2)• cn common- name — Specifies the fully qualified URL or IP address of the device.(Range: 1 - 64)• ou organization-unit — Specifies the organization-unit or department name. (Range: 1 - 64)• or organization — Specifies the organization name. (Range: 1 - 64)• loc location — Specifies the location or city name. (Range: 1 - 64)• st state — Specifies the state or province name. (Range: 1 - 64)• cu country — Specifies the country name. (Range: 1 - 2)Default ConfigurationThere is no default configuration for this command.Console(config)# crypto certificate 1 generate key-generatebook.book Page 506 Thursday, December 18, 2008 7:40 PM