Hello ,
i have the following scenario :
MS Certificate Server include SCEP Support . the server is the Domain Controller.
A Cisco 2610 IOS Router Version 12.2(5)
I want use the ca as authentication authorithy for a VPN ( RSA-SIG )
On the router i have configure the following :
a rsa Key pair
ip domain-name
i get a valid root certificate from the ca .
crypto ca identity myca
enrollment url http://radiustest/certsrv/mscep/mscep.dll
crl optional
when i request a certificate with the
crypto ca enroll myca
i get the certifcate fingerprint , but the the follwoing error.message displayed
"certificate enrollment request was rejected by Certificate Authority "
When i open the url http://radiustest/certsrv/mscep/mscep.dll with the browser
i get a Domain-Login Screen Username : Password :
In my opinion it is ok , because it is a DC .( only selectet user have access . The Iusr as the access- rights )
When i enter the " iuser " the Website with the fingerprint will displayed .
Is the Ca Server the problem ?
Anybody an idea ?
thanks
Hermann