Destroying a local asymmetric key pair
To avoid key compromise, destroy the local key pair and generate a new one after any of the following conditions occurs:
An intrusion event has occurred.
The storage media of the device is replaced.
The local certificate has expired. For more information about local certificates, see "Configuring PKI."
To destroy a local asymmetric key pair:
Step | Command |
---|---|
1. Enter system view. | system-view |
2. Destroy a local asymmetric key pair. | public-key local destroy { dsa | ecdsa | rsa } |