Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Is configuring PCKS12 cert different than PEM?

I have been uploading PEM certs for some time with no issue...using the following basic config

ssl-proxy service CERT

  key mykey.pem

  cert mycertt.pem

However I just uploaded a pcsk12 file and it appeared to upload fine

under

#sh crypto file

myfirstpcsk12.pcsk12              4998  PKCS12  Yes        BOTH

ssl-proxy service MYFIRSTPCSK

  cert myfirstpcsk12.pcsk12

under class

class customer-vip

    loadbalance vip inservice

    loadbalance policy customer -l7slb

    loadbalance vip icmp-reply active

    nat dynamic 1 vlan 44

However when I try to associate the class w/ the proxy server i get the following error

(config)# policy-map multi-match VIP

(config-pmap)# class customer-vip

(config-pmap-c)# ssl-proxy server MYFIRSTPCSK

Error: ssl-proxy doesn't have a valid key/cert, cannot use it.

I'm not sure why im getting that error..

the sho crypto file output appears finfe

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Is configuring PCKS12 cert different than PEM?

Hi,

When using PKCS12 certificates, you need to configure the same file name for both cert and key under the ssl-proxy. Can you please give it a try?

I hope this helps

Daniel

2 REPLIES
Cisco Employee

Is configuring PCKS12 cert different than PEM?

Hi,

When using PKCS12 certificates, you need to configure the same file name for both cert and key under the ssl-proxy. Can you please give it a try?

I hope this helps

Daniel

Community Member

Is configuring PCKS12 cert different than PEM?

that was it..

thx!

434
Views
0
Helpful
2
Replies
CreatePlease to create content