Can someone please direct me to documentation on how can I use the internal CA of my Cisco router to produce "end-user certificates" which can be used (later on) as credentials for a VPN connection to this router?
1. I need some strong authentication method for my remote-access VPN users. Naturally, certificates will do the trick.
2. Because I don't have (at this point) a dedicated PKI server, I decided to use the IOS capabilities of being a PKI server (CA).
3. Is it possible to generate a certificate by the means of Cisco IOS software, copy the results (hopefully, a PKCS#12 file for each user) to a TFTP and eventually authenticate to the box with it?
Thanks in advance,