key-type

Syntax

key-type {rsa [key-size <K-SIZE>] | ecdsa [curve-size <C-SIZE>]}

Description

Sets the key type and key size for the current leaf certificate. The key type of the default certificate local-cert cannot be changed.

Command context

config-cert-<CERT-NAME>

Parameters

rsa
Specifies the key type as RSA.
key-size <K-SIZE>
Specifies the RSA key size in bits. Supported values: 2048, 3072, 4096. Default: 2048
ecdsa
Specifies the key type as ECDSA.
curve-size <C-SIZE>
Specifies the ECDSA elliptic curve size in bits. Supported values: 256, 348, 521. Default: 256

Authority

Administrators or local user group members with execution rights for this command.

Examples

Setting RSA encryption on the leaf certificate leaf-cert:

switch(config)# crypto pki certificate leaf-cert
switch(config-cert-leaf-cert)# key-type rsa key-size 3072

Setting ECDSA encryption on the leaf certificate leaf-cert:

switch(config)# crypto pki certificate leaf-cert
switch(config-cert-leaf-cert)# key-type ecdsa curve-size 521