Re: Digital Certificate renewal

lmersereau · ‎04-16-2002

I'd like to use digital certificates for authentication on VPN tunnels, preferably from my own Entrust PKI . I also want to use a standard client that I don't need to modify or support myself ...perhaps something that comes from Microsoft as part of the OS ? What is out there there that would automaticlly renew the certificate before it expires ? What do people do when their certificate expires ?

ciscomoderator · ‎04-24-2002

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you, or there is no public information available at this time. If you don't get a suitable response to your post, you may wish to review our resources at the online http://www.cisco.com/go/solutions. You may also contact our product information line at 1-800-553-NETS or a Cisco Systems Engineer at your local Cisco office or reseller. To locate your local Cisco representative, visit http://www.cisco.com/warp/public/687/Directory.shtml

If anyone else in the forum has some advice, please reply to this thread.

nimittj · ‎08-05-2002

You can use Entrust/Entelligence client side software. With the Entrust ID the key pair renew is also transparent and automatic.

Nimitt

stefan.kristiansson · ‎08-06-2002

Hi

We have the same problem, we're using Cisco VPN 3.5.2 Client with Certificate Authentication + Extended Auth (Tacacs+).

Certificate server Netscape/Iplanet CMS 4.1

Because there are no funktion to renew the certifices from within the client (that I am aware of) we are forced to issue new ones after they expire after 1 year.

So I would highly recommend Cisco to develop a renew function in the client.

What I have heard is the problem that there are no standard, diffrent servers have diffrent ways to do this(correct me if I 'am wrong).

/Brgds Stefan