ACE4710 Show crypto files displays file size mismatch
For some reason when I compare backup and active ACE4710 certs size I have a size mismatch on 2 certs. I have done everything I can think of to elimanate this mismatch in size. I start off on the active with crypto import terminal xyz.pem which then a show crypto files displays as say 1800 then through a console session with putty I attach to the backup where i use the export from the master and run the same import command then show crypto file again where there is a significant file size difference. Could this be as a result of the serial connection versus the telnet session otherwise on the master? I know that the master is using the correct file size cert as it is up and tested where unless I do a failover to the backup I do not know the cert will work and as well crypto verify shows both sets match on active and backup? Right now I am in a warm standby state for ft as a result. Thanks.
Re: ACE4710 Show crypto files displays file size mismatch
Figured out a fix. What I later came to realize is that I had originally uploaded through FTP the key and cert pem as one file which then the system seperated (with an ultimate file size based on this procedure) did not later match my copy and paste import file size for the two already seperate files. As well I was very carefull about white space and verify was done on both active and backup ACEs and the key pair in question. I was able to fix the problem by exporting from the copy and paste version and then re importing to the other device also through the terminal then use the new ones in the SSL proxy config for the pair in question. Then delete the FTP uploaded cert and key.Thanks for your help.
Why do you need native HA: The native HA feature allows two Cisco DCNM
appliances to run as active and standby applications, with their
embedded databases synchronized in real time. Therefore, when the active
DCNM is not functioning, the standby DCNM will...
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...