08-28-2014 06:37 AM
folks
i'm trying to setup a site to site vpn between two 1900 routers using certificates to authenticate the peers
i copied in the root ca certificate, generated the csr and now have the server/router certificate
once i paste in the server certificate the router can't verify it
when i look at the certificate generate by our pki server it has a root, intermediate and enterprise certificate
i suspect i need to install the full chain but i paste in the certificates all together in order
root
intermediate
enterprise
just as i would the single root certificate?
or
is there a way to put in the chain
i'm running Version 15.2(4)M4
thanks to anyone taking the time to respond
Solved! Go to Solution.
08-28-2014 06:58 AM
Hi,
Root and intermediate certificates needs to be installed together as authenticating certificate and your entreprise certificate should be installed in seperate if am not wrong.
crypto ca authenticate <trustpoint name>
paste root and intermediate / bundle with word quit in the end
!
crypto ca import <trustpoint> certificate
<actual entreprise certificate? with word quit at end
!
sample config procedure:
http://bytesolutions.com/Support/Knowledgebase/KB_Viewer/smid/622/ArticleID/21/reftab/195/t/Installing-GoDaddy-SSL-Certificates-on-a-Cisco-IOS-Router-using-CLI.aspx
Regards
Karthik
08-28-2014 06:58 AM
Hi,
Root and intermediate certificates needs to be installed together as authenticating certificate and your entreprise certificate should be installed in seperate if am not wrong.
crypto ca authenticate <trustpoint name>
paste root and intermediate / bundle with word quit in the end
!
crypto ca import <trustpoint> certificate
<actual entreprise certificate? with word quit at end
!
sample config procedure:
http://bytesolutions.com/Support/Knowledgebase/KB_Viewer/smid/622/ArticleID/21/reftab/195/t/Installing-GoDaddy-SSL-Certificates-on-a-Cisco-IOS-Router-using-CLI.aspx
Regards
Karthik
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: