Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to apply 3rd party cert to Cisco 1811 ISR (using SDM not working)?

I am attempting to install a third party SSL cert (GoDaddy) to properly secure the external interface of my 1811 ISR so that I can implement SSL VPN. I have tried using SDM 2.5, but that doesn't appear to be working. I am familiar with doing this on a Cisco 3005 Concentrator, but I'm not aware of how to install an intermediate cert on the 1811 (or if it's even possible), in order to properly have the GoDaddy cert properly imported and used for SSL VPN.

I have gone through the CSR process and have the initial cert from them generated and have imported it, but it never appears to be identified correctly if I browse to the external interface on the router. The router always defaults to its self-signed cert.

Any help or pointers would be greatly appreciated.

1 REPLY
Cisco Employee

Re: How to apply 3rd party cert to Cisco 1811 ISR (using SDM not

You would need to manually configure your trustpoint in the CLI and point the enrollment URL to the 3rd party CA.  Then you would have to authenticate the trustpoint to get the root CA.  Then you would need to enroll with the trustpoint to generate a CSR (Certificate Signing Request) to send to the 3rd part CA for your ID cert.  Once you get the ID cert back, you would then need to import them.  This is referred to commonly as the cut-and-paste method and is described in details here:

http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_cert_enroll_pki.html#wp1073636

677
Views
0
Helpful
1
Replies
CreatePlease login to create content