VPN Concentrator 3000 - "Error installing trusted certificate"

mattiaseklof · ‎10-13-2003

When trying to install a new Root CA cetificate (having no previously installed CA certificates), on a VPN 3000 Concentrator Series, the built-in Concentrator Manager reports the error "Error installing trusted certificate: Unable to install trusted certificate".

My suspicion is that the error is related to the certificate being of type X.509v1, but the rudimenatry characteristics of the error message keeps me from taking my investigation much further. Atemps to find explanation outside the VPN Manager has ben fruitless.

Any atempts at trying to explain the technical meaning behind this error would be appreciated. If the problem is related to the certificate type, details as to what differences between X.509v1 and X.509v3 are behind it would be helpful. The concentrator is running software image file vpn3005-4.0.1.E-k9.bin.

Thanks in advance,

Mattias Eklöf

drolemc · ‎10-17-2003

What is the keylength that you are using. The concentrator can accept a maximum key length of 2048 bit. Also, the process required to install the digital certificate is accessible at http://www.cisco.com/warp/public/471/installdigital.html. See if you have missed out something.

mattiaseklof · ‎10-19-2003

Thanks for your response.

The used key length is 1024 bits, and thus shouldn't be causing any trouble. I can't see what part of the CA certificate installation process that I might have missed out either. Installing other CA certificates is no problem.