Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Linksys root CA for SPA units

Hello!

I can't find the root certificate used to sign the CSR's submitted to Linksys for authenticating SPA units. The provisioning manual mentions that this should be supplied with the certificate obtained from the CSR but i got none. I think I need this in my java caroots file to successfully authenticate SPA units. Is this available or do I need to resubmit my CSR?

Thanks!

Everyone's tags (6)
6 REPLIES
Cisco Employee

Re: Linksys root CA for SPA units

Dear Gustav;

Thanks for your question. I believe Nacho already responded to this via the itsp mailer. Please let me know if you are satisfied with his response.

regards
Alberto

New Member

Re: Linksys root CA for SPA units

Dear Alberto,

Yes Nacho responded to my mail and the authentication is working OK after I've added the ca to the keyring, thanks!

I have a related question however; I'm implementing our new provisioning solution in jetty and hence get a X509Certificate object when the connection is established OK and the client is authenticated using the client certificate. Since i don't use apache, the example in the Provisioning guide does not apply. What is the most correct way to retreive the MAC address and serial number from the X509Certificate object? Parsing the Subject header or what? I take for granted all objects in a certificate can be trusted so it's more a matter of implementing something that works with all SPA-units in all revisions.

Thanks!

Cisco Employee

Re: Linksys root CA for SPA units

Hi Gustav,

Have you discovered a way to extract the MAC and serial # from the X509 cert?

If so, please share with the community.

Regards,

Patrick

----------

New Member

Re: Linksys root CA for SPA units

I've been busy for a while with other projects so this one has had to stand-down. As i mention in the previous post, this _can_ be done by parsing the subject header so given you can trust the contents of the certificate itself (which I believe is half the point of it...) that solution should be fine. I was more interested in whether there was a more elegant solution, but I have been unable to find one. So the Subject-parsing one will probably have to do.

Cisco Employee

Re: Linksys root CA for SPA units

Hi Gustav,

I've sent your question to Engineering to see if they have a better solution.

I'll let you know when I hear back.

Regards,

Patrick

-----------

Cisco Employee

Re: Linksys root CA for SPA units

Hi Gustav,

It appears that your solution is currently the best one available. We don't have any more efficient ways to accomplish your goal.

Regards,

Patrick

-----------

4298
Views
0
Helpful
6
Replies
CreatePlease to create content