Cisco VPN 3000 install certificates

Unanswered Question
Jul 26th, 2007
User Badges:


I have done the following based on the documentation for the Cosco VPN 3000:


Tasks Summary

Whether you use SCEP or the manual method, you perform the following tasks

to obtain and install certificates:

1.. Obtain and install one or more CA certificate(s).

2.. Create an enrollment request for one or more identity certificates.

3.. Request an identity certificate from the same CA that issued the CA


4.. Install the identity certificate on the VPN Concentrator.

5.. Enable CRL checking and caching.

6.. Enable certificates.


For step 5 CRL checking I did the following below:

For the CRL Retrieval Policy

I selected the below option:

Use CRL distribution points embedded in certificate being checked

but after I click on the link: Certificate Authorities [ View All CRL Caches

it does not show any CRL in Cache:

When I bring up the web site it still has the certificate from the SSL

Certificates from the Public interface instead of what I have within my

Identify Certificates. I presume that it is because I have no CRLs in Cache

but how do I get the CRLs in cache?



John J. Mitchell

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
murabi Wed, 08/01/2007 - 13:09
User Badges:

Under X.509, CAs revoke certificates by periodically issuing a signed CRL, where each revoked certificate is identified by its serial number.


This Discussion