Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Digital Certificate renewal

I'd like to use digital certificates for authentication on VPN tunnels, preferably from my own Entrust PKI . I also want to use a standard client that I don't need to modify or support myself ...perhaps something that comes from Microsoft as part of the OS ? What is out there there that would automaticlly renew the certificate before it expires ? What do people do when their certificate expires ?

  • Other Security Subjects
3 REPLIES

Re: Digital Certificate renewal

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you, or there is no public information available at this time. If you don't get a suitable response to your post, you may wish to review our resources at the online http://www.cisco.com/go/solutions. You may also contact our product information line at 1-800-553-NETS or a Cisco Systems Engineer at your local Cisco office or reseller. To locate your local Cisco representative, visit http://www.cisco.com/warp/public/687/Directory.shtml

If anyone else in the forum has some advice, please reply to this thread.

New Member

Re: Digital Certificate renewal

You can use Entrust/Entelligence client side software. With the Entrust ID the key pair renew is also transparent and automatic.

Nimitt

Re: Digital Certificate renewal

Hi

We have the same problem, we're using Cisco VPN 3.5.2 Client with Certificate Authentication + Extended Auth (Tacacs+).

Certificate server Netscape/Iplanet CMS 4.1

Because there are no funktion to renew the certifices from within the client (that I am aware of) we are forced to issue new ones after they expire after 1 year.

So I would highly recommend Cisco to develop a renew function in the client.

What I have heard is the problem that there are no standard, diffrent servers have diffrent ways to do this(correct me if I 'am wrong).

/Brgds Stefan

194
Views
0
Helpful
3
Replies
This widget could not be displayed.