RSA公钥与证书的导出导入

泰克实验室塑造

r2(config)#crypto key export rsa aaaaa pem terminal des cisco123  显示出下面公钥和私钥,私钥是加了密的.
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMuUdYeje9Pox+80wny1sq7Pjv8hZlpN
JP0ll1lJ5grO9r2qj9hW0dg4cz3AMpF6A0tdlFQ9uB0msZtiCDJlwu8CAwEAAQ==
-----END PUBLIC KEY-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,B24F7646A5545AF5
n6FnSHjN3mbs63HyEQ5oSq53k5RbDZNCfeDdvpenhI+PkCYVVCAdarojMgt1ICJu
hjy3KLKhvxdxb57y79M4CEWY79HEeezT1Laf01WZKeLn0lYcRcKkZAVrTFVUiDL6
9LwwwGxcnLRYBSMRkhhguMq6qc4O1+64rzduEvNqxeQjR3OfhAhr+XkLlCydV44t
BkpkZAPnK1CktxxrX4oubwdeNJT884LdUEpLqV28pocaQ82lXSROcbQtZRCd+mLA
Osr6I3t50reHHwk1FCb9oJp7relYFosEn4xKJTN/J1V8zoCNyEUTdfWYJQy7vsu+
LnjzyZaODdGpSS0OzZ+AhUlSmYTKmyuyyT1C97+d3mENvOQIYPz3/Z9UYHHnq9ih
NGZdIuVwskfxxKoMd5dYtjA6y/b4fheuHshWbmVW0jM=
-----END RSA PRIVATE KEY-----
导到另一个设备上: 先导公钥再导私钥
sw(config)#crypto key import rsa abc pem terminal ciscocisco
% Enter PEM-formatted public General Purpose key or certificate.
% End with a blank line or "quit" on a line by itself.
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJvurZv/hbuizsuSj6f92GfPMntosxKc
s7RPYCkQF5/CcHqYUCTSqpTDgm5hVKa7SJ2rygjvmkiI5kvLxqi8be8CAwEAAQ==
-----END PUBLIC KEY-----
quit
% Enter PEM-formatted encrypted private General Purpose key.
% End with "quit" on a line by itself.
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,A93473D96316AC69
2nURufWvh7ivsyCb1knsCr4Xm+hRNT58lY9so3ZNBngyLxtjRuJbZ6j+DqWtDaKL
xyHMlvRt9roB/0UTGnIuxlX0SqNa9LOjt5hh54eW9UjAkenVXgvx5UZ8kTWU3Jqe
C6JWNVJ2jSiSeyezVfacW2ptcoEC2FbrUHES0DdlTUU2B55yv465Enm0KSvezsK5
ZhKftsAr//G6XK4qohy2YauQEW0/BrcWlEfwiBeQCEfPFV8JnOz8ixd0BhphM8o9
NtlNx5x9szZD0yrjbNW432+qV+S8Pf4foOdtIOO8CEflw8oqLpOm4OBS4RteQvlS
nrLm0VLnNMkXbVA7I+MCxGiYhSL1STj4v/mg5/DAVu3GkkgJYvS8N48esVAF6RYx
rYh26t6wRo/kb6YpU5sHcMVnXfxjNL26OykBYhNzwtiF7SOhyXPPaQ==
-----END RSA PRIVATE KEY-----
quit
% Key pair import succeeded.


导签名证书,如果写的trustpoint为CA的,则为导CA证书.如果trustpoint为client端的写client端的trustpoint名字
r2(config)#crypto ca export r2 pem terminal des cisco123   导入的时候也用这个密钥:cisco123
% The specified trustpoint is not enrolled (r2).
% Only export the CA certificate in PEM format.
% CA certificate:
-----BEGIN CERTIFICATE-----
MIIB8zCCAVygAwIBAgIBATANBgkqhkiG9w0BAQQFADANMQswCQYDVQQDEwJyMjAe
Fw0xMDAxMjMxODM4NTVaFw0xMzAxMjIxODM4NTVaMA0xCzAJBgNVBAMTAnIyMIGf
MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD1tSsbvhEyRbig4kocFaZsOI4rHibU
ssE7YJK8Ilt+pJUAShH30sHfTzncBY/nTWLDCmRBUZhvk4YnfklEvOXN0wmLLmbJ
vadgGF186zWX7LUuZ1K2bGof67wF15XU9bZLE2BmmaO7+sBoiQ8Edo3H93Wt2LwK
x09gUJGHVkZOkwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
AwIBhjAfBgNVHSMEGDAWgBQhrvwJFzOBNdTaTznIIZ4MILjQtzAdBgNVHQ4EFgQU
Ia78CRczgTXU2k85yCGeDCC40LcwDQYJKoZIhvcNAQEEBQADgYEAefx22XTBQAU7
bhIJ9U2yVu/rAo2Geroxx8LgHRI2UkuVBwH0G/CV+hJOAy4geweFNB5WKNlBOvrn
KB/n4+wkxOd475cZhPsLfAKuFp8zUxeaTO7cvkTQMCpBqCLLjfV3QVk7jOQzw5//
E4AoSgmAGcjulQz+42sXfjrypfT3DII=
-----END CERTIFICATE-----

phil

Thanks for your information.