SSL fails to enroll with MS CA using SCEP.

Unanswered Question
Aug 21st, 2009
User Badges:

When I try to enroll to get SSL certificate using SCEP I receive a message

R1(config)#crypto ca authenticate ca

Certificate has the following attributes:

Fingerprint MD5: D6E7527B 9BAFF7D3 5631CE4D 2A5BA341

Fingerprint SHA1: 67C695F8 B9BE93A9 8769947C FC3E3C9C 95B93B30

% Do you accept this certificate? [yes/no]: yes

Trustpoint CA certificate accepted.


R1(config)#crypto ca enroll google

% You must authenticate the Certificate Authority before you can enroll with it.

Why? I have already authenticate CA!



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sadbulali Thu, 08/27/2009 - 05:30
User Badges:
  • Bronze, 100 points or more

Are you trying to configure multiple CAs (trusted roots) using SCEP ? Verify the CA is enrolled already or not with this command show crypto key mypubkey rsa.

andrea.meconi@c... Thu, 08/27/2009 - 06:55
User Badges:


The correct command is

crypto ca enroll "ca name"

Anyway I have some problems with template from MS CA.

Thanks for help.




This Discussion