Creating and deleting key chain entries
To use KMS, you must create one or more key chain entries. An entry can be the pointer to a single time-independent key or a chain of time-dependent keys.
NOTE: The key chain information is copied to the standby management module (if redundancy is enabled and the standby module has passed self-test). | |
Syntax
[ no ] key-chain
chain_name
Generate or delete a key chain entry. Using the optional
no
form of the command deletes the key chain. Thechain_name
parameter can include up to 32 characters.
show key-chain
Displays the current key chains on the switch and their overall status.
For example, to generate a new key chain entry:
After adding an entry, assign keys to it for use by a KMS-enabled protocol.