10-27-2007 11:41 PM - edited 03-09-2019 07:07 PM
Hi,
Can anyone advise me on what is the cause of the problem (Manually install 3rd party Vendor for use with WebVPN configuration version 8.0) ?
i have follow the configuration example and found this error message via CLi
Appreciated any kind reply.
FO: Certificate has the following attributes:
Fingerprint: 713cdfee 53530e1e 06fa7a41 b78a7779
Do you accept this certificate? [yes/no]: y
Trustpoint 'xx.Entrust.TrustPoint' is a subordinate CA and holds a non self-signed certificate.
Trustpoint 'xx.Entrust.TrustPoint' is a subordinate CA.
but certificate is not a CA certificate.
Manual verification required
Trustpoint CA certificate accepted.
% Certificate successfully imported
PHS-ASA(config)# CRYPTO_PKI: Cert record not found, returning E_NOT_FOUND
CRYPTO_PKI: No suitable trustpoints found to validate certificate serial number: 469C84D9, subject name: cn=xxxx.xxxx.com.xx,ou=IT,o=xxxxxxxx,l=xxx,c=xx.
CRYPTO_PKI: Cert record not found, returning E_NOT_FOUND
Current Certificate list contents:
Certificate 1:
SERIAL: 469c84d9
ISSUER: cn=Entrust.net Secure Server Certification Authority,ou=(c) 1999 Entrust.net Limited,ou=www.entrust.net/CPS incorp. by ref. (limits liab.),o=Entrust.net,c=US
CRYPTO_PKI: crypto_process_ra_certs(trust_point=PW.Entrust.TrustPoint)INFO: Certificate has the following attributes:
^
PHS-ASA(config)# ISSUER: cn=Entrust.net Secure Server Certification Authorit$
ISSUER: cn=Entrust.net Secure Server Certification Authority,ou=(c) 1999 Entrust.net Limited,ou=www.entrust.net/CPS incorp. by ref. (limits liab.),o=Entrust.n
et,c=US
11-01-2007 03:35 PM
If you get a certificate from a trusted 3rd party (i.e. Verisign/Thawte/etc.) to install on the appliance then you shouldn't get the certificate warning pop-ups for anything that's encrypted by the SSL VPN appliance. For some certificates manual install maybe the only way. You need to check with the issuer of certificate for a such problem.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide