52ec06ce 094882a7 4a7275a6 af1b738f 29d1124d 21e49b2a 3b0b7f2f fe31f0cc
178ddbfe a587a7a9 83aa0601 e86e7de4 3ca78f60 89a758bf 4c1247ba cb020301
0001"
•
Example 2—Configures the public key for a remote peer with the FQDN
sales.company_xyz.com, using ' (single quotation mark) as the key string delimiter
character
host1(config)#
ipsec key pubkey-chain rsa name sales.company_xyz.com
host1(config-peer-public-key)#
key-string '
Enter remainder of text message. End with the character '''.
30820122 300d0609 2a864886 f70d0101 01050003 82010f00 3082010a 02820101
00c03cc6 0bad55ea b4f8a01f 5cf69de5 f03185e2 1338b5cb fa8418c3 6cbe1a77
bfefba5b 7a8f0ac2 6e2b223b 11e3c316 a30f7fb0 7bd2ab8a a614bb3d 2fce97bf
d6376467 0d5d1a16 d630c173 3ed93434 e690f355 00128ffb c36e72fa 46eae49a
5704eabe 0e34776c 7d243b8b fcb03c75 965c12f4 d68c6e63 33e0207c a985ffff
2422fb53 23d49dbb f7fd3140 a7f245ee bf629690 9356a29c b149451a 691a2531
9787ce37 2601bdf9 1434b174 4fd21cf2 48e10f58 9ac89df1 56e360b1 66fb0b3f
27ad6396 7a491d74 3b8379ea be502979 8f0270b2 6063a474 fadc5f18 f0ca6f7a
ddea66c7 cf637598 9cdb5087 0480af29 b9c174ab 1b1d033f 67641a8c 5918ddce
1f020301 0001'
•
Example 3—Configures the public key for a remote peer with the user FQDN
[email protected]_xyz.com, using lowercase x as the key string delimiter character
host1(config)#
ipsec key pubkey-chain rsa name [email protected]_xyz.com
host1(config-peer-public-key)#
key-string x
Enter remainder of text message. End with the character 'x'.
30819f30 0d06092a 864886f7 0d010101 05000381 8d003081 89028181 00bcc106
8694a505 0b92433e 4c27441e 3ad8955d 5628e2ea 5ee34b0c 6f82c4fd 8d5b7b51
f1a3c94f c4373f9b 70395011 79b4c2fb 639a075b 3d66185f 9cc6cdd1 6df51f74
cb69c8bb dbb44433 a1faac45 10f52be8 d7f2c8cd ad5172a6 e7f14b1c bba4037b
29b475c6 ad7305ed 7c460779 351560c6 344ccd1a 35935ea3 da5de228 bd020301
0001x
•
There is no
no
version. Use the
no
version of the
ipsec key pubkey-chain rsa
command
to remove the peer public key from the router.
•
See key-string.
Monitoring Digital Certificates and Public Keys
Use the following
show
commands to display information about IKE certificates, IKE
configurations, CRLs, public keys, and peer public keys.
show ipsec ca identity
•
Use to display information about IKE CA identities used by the router for online digital
certificate configuration. You can display information for a specific CA or for all CAs
configured on the router.
•
Field descriptions
Copyright © 2010, Juniper Networks, Inc.
228
JunosE 11.2.x IP Services Configuration Guide
Содержание JUNOSE 11.2.X IP SERVICES
Страница 6: ...Copyright 2010 Juniper Networks Inc vi...
Страница 8: ...Copyright 2010 Juniper Networks Inc viii JunosE 11 2 x IP Services Configuration Guide...
Страница 18: ...Copyright 2010 Juniper Networks Inc xviii JunosE 11 2 x IP Services Configuration Guide...
Страница 22: ...Copyright 2010 Juniper Networks Inc xxii JunosE 11 2 x IP Services Configuration Guide...
Страница 28: ...Copyright 2010 Juniper Networks Inc 2 JunosE 11 2 x IP Services Configuration Guide...
Страница 116: ...Copyright 2010 Juniper Networks Inc 90 JunosE 11 2 x IP Services Configuration Guide...
Страница 144: ...Copyright 2010 Juniper Networks Inc 118 JunosE 11 2 x IP Services Configuration Guide...
Страница 230: ...Copyright 2010 Juniper Networks Inc 204 JunosE 11 2 x IP Services Configuration Guide...
Страница 262: ...Copyright 2010 Juniper Networks Inc 236 JunosE 11 2 x IP Services Configuration Guide...
Страница 294: ...Copyright 2010 Juniper Networks Inc 268 JunosE 11 2 x IP Services Configuration Guide...
Страница 328: ...Copyright 2010 Juniper Networks Inc 302 JunosE 11 2 x IP Services Configuration Guide...
Страница 345: ...PART 2 Index Index on page 321 319 Copyright 2010 Juniper Networks Inc...
Страница 346: ...Copyright 2010 Juniper Networks Inc 320 JunosE 11 2 x IP Services Configuration Guide...
Страница 356: ...Copyright 2010 Juniper Networks Inc 330 JunosE 11 2 x IP Services Configuration Guide...