How to manage with root cetificate exchange

Unanswered Question
Apr 1st, 2010


we have ipsec tunnels with about 150 Cisco routers that are conneted to the HQ routers through CA.

But CA is expiring within few days and we have to create new one.

This step is pretty awful cause it will unplugged the branch routers for couple of hours

The problem is that the crypto map cannot use different CA than the root one

For exapmle if I would enroll another root certificate and that pair with the crypto map, that I would be able to re-configure branch by branch

But there is no option in the IOS to do it like this

Do yo have any idea how this proccess can be managed ?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion