SSL Certificate will expire in 27 days

Answered Question
May 3rd, 2008

We have a VPN 3005 Concentrator. We got an email notification "SSL certificate will expire in 27 daysIssuer. CN=XXX.XXX.XXX.XXX,O=Cisco Systems, Inc.,L=Franklin,ST=Massachusetts,C=US,OU=VPN 3...Subject: CN=XXX.XXX.XXX.XXX,O=Cisco Systems,Inc.,L=Franklin,ST=Massachusetts,C=US,OU=VPN 3... Expiration Date: 05/31/2008"

Do you have any suggestions on how to fix this problem?

Thanks.

I have this problem too.
0 votes
Correct Answer by JORGE RODRIGUEZ about 8 years 7 months ago

This applies to https management access to your vpn concentrator, you can have the concentrator self create a new certificate and install it in your pc that access the vpn for management, but you can uncheck client authentication which is default vpn concentrator thus not requiering certificate checks for network administrators accessing the device via ssl with certificate for client verification. The link bellow explains it and your question is there.

Your concentrator probably have checked client authentication. Again, you can uncheck that and not go through certificate management or recreate a new certificate and go through the process of managing and regenerating new certificates when they expire.

on concentrator you need to go to :

configuration/system/management protocols/ssl

See Q&A on your question

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_qanda_item09186a0080094cf4.shtml

HTH

Rgds

Jorge

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
JORGE RODRIGUEZ Sun, 05/04/2008 - 00:04

This applies to https management access to your vpn concentrator, you can have the concentrator self create a new certificate and install it in your pc that access the vpn for management, but you can uncheck client authentication which is default vpn concentrator thus not requiering certificate checks for network administrators accessing the device via ssl with certificate for client verification. The link bellow explains it and your question is there.

Your concentrator probably have checked client authentication. Again, you can uncheck that and not go through certificate management or recreate a new certificate and go through the process of managing and regenerating new certificates when they expire.

on concentrator you need to go to :

configuration/system/management protocols/ssl

See Q&A on your question

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_qanda_item09186a0080094cf4.shtml

HTH

Rgds

Jorge

Actions

This Discussion