I have setup a Win2003 Server where I install a CA/RA server for SCEP enrollment of my ASA5510. I entered the following config on the ASA:
crypto key generate rsa
crypto ca trustpoint MYTRUSTPOINT
enrollment url http://x.x.x.x/certsrv/mscep/mscep.dll
Meanwhile I configured the CA Server for SCEP support by intalling the mscep executable from the Resource Kit.
If I try to get the CA's Certificate using crypto ca authenticate MYTRUSTPOINT, i only get this error messages on my ASA console:
Crypto CA thread wakes up!
CRYPTO_PKI: Sending CA Certificate Request:
GET /certsrv/mscep/mscep.dll/pkiclient.exe?operation=GetCACert&message=ITSS HTTP
CRYPTO_PKI: http connection opened
CRYPTO_PKI: Unable to read CA/RA certificates.Crypto CA thread sleeps!
ERROR: receiving Certificate Authority certificate: status = FAIL, cert length = 0
I have tried to reinstall the CA and SCEP over and over again but I still get the same error all the time. Is there anything wrong with my config?
Please help me with my problem. I promise to give 5-points to anybody who can help me solve my problem. Thank you in advance.