08-31-2007 05:58 AM
Hi All,
Im a little confused I have added a Verisign cert to our 2851 router. The issue is I cant select it to be used by the WebVPN or HTTPS router access it only lets me choose the Self Cert.
??
Many Thanks
Paul
08-31-2007 11:55 AM
You have enrolled it as a Self certificate only that is why.
You see your certificate by CRYPTO PKI CERTIFICATES
You will see your signature and etc. By that you can confirm it, which did input is there same??
Second, Be sure about your domain and below sample configuration:
ip domain name cisco.com
ip name-server 172.18.138.14
!
crypto pki trustpoint win2k3
enrollment mode ra
enrollment url http://nsite-ipsec5:80/certsrv/mscep/mscep.dll
serial-number
fqdn VXR-SSL-AGG.cisco.com
revocation-check crl
rsakeypair rsakey
!
!
crypto pki certificate chain win2k3
certificate 12DF1640000000000009
certificate ca 18D72EA3CA8438B7423E4553363F9E85
!
http://www.cisco.com/en/US/products/ps6657/products_white_paper0900aecd8051ac50.shtml
Regards,
Dharmesh Purohit
09-03-2007 04:41 AM
Hi I have looked at all these and they look ok. Here is the Sh Crypto PKI Cert
CA Certificate
Status: Available
Certificate Serial Number: 0095261DF09C92DAFC40E1BAC17FFB4868
Certificate Usage: General Purpose
Issuer:
cn=EssentialSSL CA
o=COMODO CA Limited
l=Salford
st=Greater Manchester
c=GB
Subject:
cn=breakwaterit
ou=Free SSL
ou=Domain Control Validated
CRL Distribution Points:
http://crl.comodoca.com/EssentialSSLCA.crl
Validity Date:
start date: 01:00:00 Berlin Aug 31 2007
end date: 00:59:59 Berlin Nov 30 2007
Associated Trustpoints: SSLCA
Storage: nvram:EssentialSSL#4868CA.cer
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: