Looks like the sensor SSL/TLS Certificate may have expired on the sensor.
Web browse to the sensor to start IDM, and during the initial login (before IDM even loads) you can view the sensor's certificate (on Internet Explorer it is a Security Alert window that pops up and on the bottom right is a "View Certificate" button). Look at the certificate to see if it has expired.
(If you had previously saved the sensor certificate then you will need to look at the web browser's stored certificate for the sensor.)
Check that the time on both the IEV and sensor are correct. If the date on the IEV box is wrong then the IEV might assume the sensor's certificate is expired even when it is still valid. If the sensor's date is wrong, then it may have generated a certificate in the past or future based on the wrong date.
If the sensor's certificate is expired, then a new ceritificate will need to be generated on the sensor.
Execute "tls generate-key" on the sensor's CLI to generate a new key.
NOTE: If a new certificate is generated, then every management tool connecting to the sensor (like IEV, or CSM) will need to re-import the sensor's new SSL/TLS certificate.
The certificate's generated on the sensor are usually only valid for about 2 years. On the very first bootup of the sensor (either during manufacturing or after a re-image/recovery) it will automatically generate a new certificate. If more than 2 years have passed since the sensor was booted up for the first time, then the original certificate will have expired and it is common to have to generate a new one.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :