I have a brand new 3745 router running Cisco IOS 12.3(11)T, which I have set up as the core gateway router for my WAN. I set up a CA and enrolled the router with the CA. The router was authenticated and received a certificate which I stored in the nvram using the "copy system:running-config nvram:startup-config" command. Before reboot, when I do a "show start", both certificates are seen as stored on the nvram. However after a reboot, only the router certificate remains on the nvram. I tried using a "no crypto ca certificate query" command, but I still get the same result. What do you think the problem is here? Is it a bug with the IOS?
Might be worth checking the format of your certificate. I had the same problem with a 3600 in a test environment and had to amend the setup of my Microsoft Certificate Server to include the following Subject Name RDNs :
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...