Core issue
When you select Generate in the Secure Socket Layer (SSL) certificate section, the VPN 3000 series Concentrator is not able to generate the certificate. The following lines were captured from the event viewer in the VPN Concentrator.
1 01/01/2002 08:00:00.100 SEV=6 SSL/6 RPT=1
Generating certificate with keysize 1024.
2 01/01/2002 08:00:00.400 SEV=7 SSL/7 RPT=1
Attempting to generate new SSL default context.
3 01/01/2002 08:00:00.400 SEV=4 SSL/4 RPT=8
Unable to create SSL default context: bad certificate.
4 01/01/2002 08:00:00.500 SEV=7 SSL/11 RPT=1
SSLLoadLocalIdentity returned SSLIOErr.
Resolution
Delete any existing certificates, save the configuration, and reload the VPN Concentrator.
- Select Administration > Certificate Management.
- In the Actions box for the SSL Certificate listing, click Delete.
- Select Administration > System Reboot.
- Select Save the active configuration at time of reboot and select Now, and then click Apply.
You should be able to generate a new SSL certificate after the reload is complete.