cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1310
Views
0
Helpful
1
Replies

Enrolling Cisco Router as Sub CA to Win2k8 offline CA

jonathanaxford
Level 3
Level 3

Hi all,

I'm after some help and guidance on the process of enrolling a Cisco Router as a Subordinate CA to an existing Windows 2008 Standalone Root CA. Due to the security policies in place on the customer account, the Root cannot be attached to the network, therefore all requests have to submitted and issued manually.

Can anyone point me in the right direction? Should I be trying to create a Certificate Request File (CSR) on the router itself or should I just go for something like OpenSSL to generate the request? I have currently tried both of these ways. If I generate a CSR on the router, the Windows CA doesn't seem to want to issue a certificate as a "SubCA" certificate. Using a combination of a different windows server and OpenSSL I have managed to get a Sub CA certificate issued, but cannot get the certificate or private key file imported onto the router.

Any information on this process would be much appreciated,

Cheers

J

1 Reply 1

jonathanaxford
Level 3
Level 3

Just for completeness - we have bee advised by Cisco that "Enrollment terminal" is not supported when creating Subordinate CA's...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: