Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Compatilbility between Cisco IOS certificates support and OpenSSL?

My customer is trying to deploy a PKI solution using digital certificates signed with an OpenSSL server.

He is trying to use the certificates for IPSec VPNs between Cisco 1721 (IOS 12.3) and a Checkpoint Firewall but it seems that the routers never get to use the downloaded certificates.

Is there any known incompatibility in this setup?

I have seen some issue regarding the Serial Number of the CA Root Certificate Serial Number which, for OpenSSL, needs to be 0, and Cisco IOS allegedly requires to be a positive, non-zero, number.

Can anyone confirm this?

Thanks in advande.

Enrique Cuesta

Customer Support

BT Spain

CCIE #10804

425
Views
0
Helpful
0
Replies
CreatePlease to create content