Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Cannot remove trustpoint from ASA

I am trying to clear out all the trustpoints on my ASA to reconfigure the ASA phone-proxy. However, I cannot remove the ctl-file asdm_CTL_File.

When I enter the command clear configure crpyto ca trustpoint I receive this error.

ERROR: The trustpoint phoneproxy_trustpoint appears to be in use. Unable to remove this trustpoint.

ERROR: Trustpoint cannot be removed There are 1 open sessions.

ERROR: The trustpoint _internal_PP_asdm_CTL_File appears to be in use. Unable to remove this trustpoint.

ERROR: Trustpoint cannot be removed There are 1 open sessions.

INFO: Be sure to ask the CA administrator to revoke your certificates.

I'm sure it's one or two commands that I am missing. Any help would be great.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Cannot remove trustpoint from ASA

Hello Brett

Have you tried removing CA certificate first?

clear configure crypto ca certificate "certname"

Also try clearing crls

clear crypto ca crls

An IPSEC transform-set in use by a crypto-map, containing RSA may also be causing this. Try removing the transform-set first

Regards

4 REPLIES

Re: Cannot remove trustpoint from ASA

Hello Brett

Have you tried removing CA certificate first?

clear configure crypto ca certificate "certname"

Also try clearing crls

clear crypto ca crls

An IPSEC transform-set in use by a crypto-map, containing RSA may also be causing this. Try removing the transform-set first

Regards

Re: Cannot remove trustpoint from ASA

If this issue is still not solved, do a "show tls-proxy sessions" and clear any in-use sessions.

Regards

Farrukh

New Member

Re: Cannot remove trustpoint from ASA

Looks like the commands took. Thank you for your help!

Re: Cannot remove trustpoint from ASA

Please mention which command specifically solved your problem.

Please rate any solutions if you find them helpful.

Regards

Farrukh

11435
Views
0
Helpful
4
Replies
CreatePlease to create content