SSL Certificate will expire in 27 days

Answered Question
May 3rd, 2008
User Badges:

We have a VPN 3005 Concentrator. We got an email notification "SSL certificate will expire in 27 daysIssuer. CN=XXX.XXX.XXX.XXX,O=Cisco Systems, Inc.,L=Franklin,ST=Massachusetts,C=US,OU=VPN 3...Subject: CN=XXX.XXX.XXX.XXX,O=Cisco Systems,Inc.,L=Franklin,ST=Massachusetts,C=US,OU=VPN 3... Expiration Date: 05/31/2008"


Do you have any suggestions on how to fix this problem?


Thanks.


Correct Answer by JORGE RODRIGUEZ about 9 years 3 weeks ago

This applies to https management access to your vpn concentrator, you can have the concentrator self create a new certificate and install it in your pc that access the vpn for management, but you can uncheck client authentication which is default vpn concentrator thus not requiering certificate checks for network administrators accessing the device via ssl with certificate for client verification. The link bellow explains it and your question is there.


Your concentrator probably have checked client authentication. Again, you can uncheck that and not go through certificate management or recreate a new certificate and go through the process of managing and regenerating new certificates when they expire.


on concentrator you need to go to :

configuration/system/management protocols/ssl


See Q&A on your question

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_qanda_item09186a0080094cf4.shtml


HTH

Rgds

Jorge

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
JORGE RODRIGUEZ Sun, 05/04/2008 - 00:04
User Badges:
  • Green, 3000 points or more

This applies to https management access to your vpn concentrator, you can have the concentrator self create a new certificate and install it in your pc that access the vpn for management, but you can uncheck client authentication which is default vpn concentrator thus not requiering certificate checks for network administrators accessing the device via ssl with certificate for client verification. The link bellow explains it and your question is there.


Your concentrator probably have checked client authentication. Again, you can uncheck that and not go through certificate management or recreate a new certificate and go through the process of managing and regenerating new certificates when they expire.


on concentrator you need to go to :

configuration/system/management protocols/ssl


See Q&A on your question

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_qanda_item09186a0080094cf4.shtml


HTH

Rgds

Jorge

Actions

This Discussion