CA

breakwaterit · ‎08-31-2007

Hi All,

Im a little confused I have added a Verisign cert to our 2851 router. The issue is I cant select it to be used by the WebVPN or HTTPS router access it only lets me choose the Self Cert.

??

Many Thanks

Paul

purohit_810 · ‎08-31-2007

You have enrolled it as a Self certificate only that is why.

You see your certificate by CRYPTO PKI CERTIFICATES

You will see your signature and etc. By that you can confirm it, which did input is there same??

Second, Be sure about your domain and below sample configuration:

ip domain name cisco.com

ip name-server 172.18.138.14

!

crypto pki trustpoint win2k3

enrollment mode ra

enrollment url http://nsite-ipsec5:80/certsrv/mscep/mscep.dll

serial-number

fqdn VXR-SSL-AGG.cisco.com

revocation-check crl

rsakeypair rsakey

!

crypto pki certificate chain win2k3

certificate 12DF1640000000000009

certificate ca 18D72EA3CA8438B7423E4553363F9E85

!

http://www.cisco.com/en/US/products/ps6657/products_white_paper0900aecd8051ac50.shtml

Regards,

Dharmesh Purohit

breakwaterit · ‎09-03-2007

Hi I have looked at all these and they look ok. Here is the Sh Crypto PKI Cert

CA Certificate

Status: Available

Certificate Serial Number: 0095261DF09C92DAFC40E1BAC17FFB4868

Certificate Usage: General Purpose

Issuer:

cn=EssentialSSL CA

o=COMODO CA Limited

l=Salford

st=Greater Manchester

c=GB

Subject:

cn=breakwaterit

ou=Free SSL

ou=Domain Control Validated

CRL Distribution Points:

http://crl.comodoca.com/EssentialSSLCA.crl

Validity Date:

start date: 01:00:00 Berlin Aug 31 2007

end date: 00:59:59 Berlin Nov 30 2007

Associated Trustpoints: SSLCA

Storage: nvram:EssentialSSL#4868CA.cer