Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA/IPS and IPS Manager Express

I am trying to add my sensor to the IPS Manager Express but I keep the following error. IOException when try to get certificate:java.security.cert.CertificationExpiredException: notafter Sat May 10 **** 2008.

I am sure this is simple but can find how to fix this.

Regards,

D

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ASA/IPS and IPS Manager Express

This usually means that the SSL/TLS certificate on your sensor's web server expired on May 10th, 2008.

This is very common for sensors that have been active for mroe than a year. When a sensor's certificate is generated it is usually valid for only a year or so.

You just need to create a new SSL/TLS certificate for your sensor.

Login to your sensor and execute "tls generate-key"

http://www.cisco.com/en/US/partner/docs/security/ips/6.1/command/reference/crCmds.html#wp504369

But keep in mind that once you do this you will need to ensure you go to any other management systems that connect to your sensor and ensure that the management system pulls down and accepts that new certificate (this often requires you push some type of accept button for the new certificate).

1 REPLY
Cisco Employee

Re: ASA/IPS and IPS Manager Express

This usually means that the SSL/TLS certificate on your sensor's web server expired on May 10th, 2008.

This is very common for sensors that have been active for mroe than a year. When a sensor's certificate is generated it is usually valid for only a year or so.

You just need to create a new SSL/TLS certificate for your sensor.

Login to your sensor and execute "tls generate-key"

http://www.cisco.com/en/US/partner/docs/security/ips/6.1/command/reference/crCmds.html#wp504369

But keep in mind that once you do this you will need to ensure you go to any other management systems that connect to your sensor and ensure that the management system pulls down and accepts that new certificate (this often requires you push some type of accept button for the new certificate).

1614
Views
0
Helpful
1
Replies
CreatePlease to create content