I have a PIX 515E 6.3(5) and I have a problem I simply cannot find an answer for!
We use a certificate for a VPN we have with a 3rd party, and the certificate is due for renewal in the next couple of weeks. The guy that did this originally has left the company and I've never done this before. I'm pretty certain he generated the original certificate request on this firewall.
I have this information (names changed, serials altered, etc):
ca identity mydomain.com 216.x.x.39:/cgi-bin
ca configure mydomain.com ca 1 20 crloptional
myfirewall# sh ca cert
Certificate Serial Number: xxx
Key Usage: General Purpose
UNSTRUCTURED NAME = myfirewall.mydomain.com + CN = myfirewall.mydomain.com
start date: 00:00:00 UTC Aug 24 2006
end date: 23:59:59 UTC Aug 24 2007
I've looked at using the ca enroll command but I need to keep this VPN up while the certificate is renewed if possible.
Any help greatly appreciated!