07-02-2010 04:49 AM - edited 03-10-2019 05:02 AM
Dear All,
I have doubt on host certificate:
I have two AIP-SSM module shows different host certificate value though i have installed/configured both on same date.
I am not very sure what this host certificate is.. could any1 help me to understand it.. and what is impect if it doesnt match...
IPS in Active ASA:
Host Certificate Valid from: 12-Jan-2009 to 13-Jan-2011
IPS in standby ASA:
Host Certificate Valid from: 04-Jun-2009 to 05-Jun-2011
Regards
Amar
Solved! Go to Solution.
07-02-2010 11:14 AM
Amar;
The host certificate is used for establishing secure communication between the sensor and managing devices such as IPS Manager Express, CS-MARS, etc. It can be re-generated from the CLI by issuing:
tls generate-key
It will be valid for two years from the date it was generated.
Scott
07-02-2010 11:14 AM
Amar;
The host certificate is used for establishing secure communication between the sensor and managing devices such as IPS Manager Express, CS-MARS, etc. It can be re-generated from the CLI by issuing:
tls generate-key
It will be valid for two years from the date it was generated.
Scott
07-03-2010 01:32 AM
Thanks scott,
Does it require any license or any other details to genrate... or i can simply issue the command "tls generate-key" and it will work...
Regards
Amar...
07-04-2010 02:17 PM
The certificate is self-signed and not tied to the licensing function.
Thank you,
Blayne Dreier
Cisco TAC IDS Team
**Please check out our Podcast**
TAC Security Show: http://www.cisco.com/go/tacsecuritypodcast
07-19-2010 03:11 AM
Thanks..
Its working now..
Regards
Amar
02-09-2011 05:31 AM
Thanks. My problem started when i could no longer communicate to the sensor and IME was displaying "not connected" for one of my senors. I actually unistalled Cisco IME, Upgrade to version 7.0.3 and then notice i was getting an error in regards to the Certificate. I came across this forum and it solved my problem in a matter of seconds. Thanks.
Ricky Morales
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: