cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
279
Views
0
Helpful
1
Replies

Pix upgrade

jigsaw2026
Level 1
Level 1

I've just upgraded a PIX535 from 6.3 to 7.01 - everything went fine but now I have the following lines in my config:

crypto ca trustpoint temp_migration_tp

crl configure

crypto ca certificate chain temp_migration_tp

certificate ca 410fa3f68158598e4c432dbfef444635

308202d4 3082027e a0030201 02021041 0fa3f681 58598e4c 432dbfef 44463530

0d06092a 864886f7 0d010105 05003081 89312730 2506092a 864886f7 0d010901

16186d61 726b2e64 7562696e 736b7940 692d6465 616c2e63 6f6d310b 30090603

55040613 02555331 11300f06 03550408 13084e65 7720596f 726b3111 300f0603

55040713 084e6577 20596f72 6b310d30 0b060355 040a1304 4d61726b 310d300b

06035504 0b130454 65737431 0d300b06 03550403 13044d79 4341301e 170d3033

31303138 31393132 31305a17 0d303831 30313831 39323033 395a3081 89312730

2506092a 864886f7 0d010901 16186d61 726b2e64 7562696e 736b7940 692d6465

616c2e63 6f6d310b 30090603 55040613 02555331 11300f06 03550408 13084e65

7720596f 726b3111 300f0603 55040713 084e6577 20596f72 6b310d30 0b060355

040a1304 4d61726b 310d300b 06035504 0b130454 65737431 0d300b06 03550403

13044d79 4341305c 300d0609 2a864886 f70d0101 01050003 4b003048 024100f0

29f03b45 c49c335d 10f07360 8a16b563 2e8126d4 b7877f2b c0e0a205 931b5f9c

d8f795e3 06775357 03d58ffe 72901763 8999e061 e07be6b9 cb6cd5fa 2e047502

03010001 a381bf30 81bc300b 0603551d 0f040403 0201c630 0f060355 1d130101

ff040530 030101ff 301d0603 551d0e04 160414a6 a11b3c6b b744fb3a 3fff341d

3b372632 629aba30 6b060355 1d1f0464 3062302e a02ca02a 86286874 74703a2f

2f6d7963 612e7465 73742e63 6f6d2f43 65727445 6e726f6c 6c2f4d79 43412e63

726c3030 a02ea02c 862a6669 6c653a2f 2f5c5c6d 7963612e 74657374 2e636f6d

5c436572 74456e72 6f6c6c5c 4d794341 2e63726c 30100609 2b060104 01823715

01040302 0100300d 06092a86 4886f70d 01010505 00034100 2ddd5fdb 06560ed6

89dfcfe0 bb0c9510 0c8e4bc6 b370b0c4 1d784c1d e0a18b2c ea74232f f3b7097b

b1e2b447 775ba68e ba471c9d e98856a2 f0e52345 b2952785

quit

I didn't have a ca trustpoint/certificate chain set up in my old config....what should I be doing with this? What are the implications of deleting it? I can't find anything about it on the Internet.

Any help much appreciated.

Thanks,

J

1 Reply 1

bbaley
Level 3
Level 3

You just remove the old certficate and create the new certificate for the client, It will work.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: