Jump to content
mashti

Installing GoDaddy SSL Certificates on a Cisco IOS Router using CLI

Recommended Posts

I have found the process of getting a GoDaddy certificate installed on an IOS router had, like many Cisco projects, become a research project. The process is poorly documented and much of the documented commands are outdated due to the changes in IOS. I hope this helps save some time and energy on your part.

 

I have found the process of getting a GoDaddy certificate installed on an IOS router had, like many Cisco projects, become a research project. The process is poorly documented and much of the documented commands are outdated due to the changes in IOS. I hope this helps save some time and energy on your part. Make sure your routers time is correct before starting. I suggest you setup NTP to keep the routers time correct. If the routers time is not correct, it will affect the certificate's functionality.

 

1. Create a 2048 bit RSA key. GoDaddy now only supports 2048 or greater key length for security reasons. On their site they claim that computer performance will be capable of breaking a 1024 bit key by 2012. Will that be the end of the world? :-)

Hidden Content

    Give reaction to this post to see the hidden content.

 

2. Create the trustpoint. A trustpoint is basically a certificate authority who you trust.

Hidden Content

    Give reaction to this post to see the hidden content.

 

3. You can get the certificate request by issuing the following commands:

Hidden Content

    Give reaction to this post to see the hidden content.

 

 

 

4. Paste the certificate request into the GoDaddy page to complete the request. The certificate request must be in the format below. You will need to add the begin and end lines. The begin and end certificate lines must be on separate lines or GD will give you an error. HINT: turn off word wrap in your text editor to ensure the format is proper.

Hidden Content

    Give reaction to this post to see the hidden content.

 

5. Once the Certificate is issued you will receive an email to download your certificates and the intermediates bundle. Save these certificates locally and open them in a text editor like Notepad or, preferably, Notepad++. Select server type "other" for the download.

 

6. The next step is to install the intermediate certificate bundle into the routers Trustpoint you created earlier. Run the command below. Copy the INTERMEDIATE certificate you opened in your text editor and paste into your terminal session when prompted. The certificate will be named gd_intermediate.crt.

 

Hidden Content

    Give reaction to this post to see the hidden content.

 

 

 

7. You will now install the actual certificate. Follow the same copy and paste procedure as above. Notice the command is different than the command used to install the GoDaddy intermediate certificate bundle.

Hidden Content

    Give reaction to this post to see the hidden content.

 

8. If everything went well, you should now have your certificates successfully installed. You can run the following commands to verify your certificate is properly installed. You should see both the intermediates and the issued certificate. Remember to exit config mode and save your configuration.

 

Hidden Content

    Give reaction to this post to see the hidden content.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...