Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
1647
Views
0
Helpful
0
Comments

Cannot install SSL certificate on VPN 3000 series Concentrator for remote administration after upgrading software

TCC_2
Level 10
Level 10

on ‎06-22-2009 05:11 PM

Core issue

When you select Generate in the Secure Socket Layer (SSL) certificate section, the VPN 3000 series Concentrator is not able to generate the certificate. The following lines were captured from the event viewer in the VPN Concentrator.

1 01/01/2002 08:00:00.100 SEV=6 SSL/6 RPT=1
 Generating certificate with keysize 1024.

2 01/01/2002 08:00:00.400 SEV=7 SSL/7 RPT=1

 Attempting to generate new SSL default context.

3 01/01/2002 08:00:00.400 SEV=4 SSL/4 RPT=8

 Unable to create SSL default context: bad certificate.

4 01/01/2002 08:00:00.500 SEV=7 SSL/11 RPT=1
 SSLLoadLocalIdentity returned SSLIOErr.

Resolution

Delete any existing certificates, save the configuration, and reload the VPN Concentrator.

  1. Select Administration > Certificate Management.
  2. In the Actions box for the SSL Certificate listing, click Delete.
  3. Select Administration > System Reboot.
  4. Select Save the active configuration at time of reboot and select Now, and then click Apply.

You should be able to generate a new SSL certificate after the reload is complete.

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents