Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1662
Views
0
Helpful
1
Replies

crypto pki authenticate ca

Go to solution
mulhollandm
Level 1
Level 1

‎08-28-2014 06:37 AM

folks

i'm trying to setup a site to site vpn between two 1900 routers using certificates to authenticate the peers

i copied in the root ca certificate, generated the csr and now have the server/router certificate

once i paste in the server certificate the router can't verify it

when i look at the certificate generate by our pki server it has a root, intermediate and enterprise certificate

i suspect i need to install the full chain but i paste in the certificates all together in order

root

intermediate

enterprise

just as i would the single root certificate?

or

is there a way to put in the chain

i'm running Version 15.2(4)M4

thanks to anyone taking the time to respond

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
nkarthikeyan
Level 7
Level 7

‎08-28-2014 06:58 AM

Hi,

 

Root and intermediate certificates needs to be installed together as authenticating certificate and your entreprise certificate should be installed in seperate if am not wrong.

 

crypto ca authenticate <trustpoint name>

                     paste root and intermediate / bundle with word quit in the end

                   !

                   

crypto ca import <trustpoint> certificate

                     <actual entreprise certificate? with word quit at end

!

 

sample config procedure:

http://bytesolutions.com/Support/Knowledgebase/KB_Viewer/smid/622/ArticleID/21/reftab/195/t/Installing-GoDaddy-SSL-Certificates-on-a-Cisco-IOS-Router-using-CLI.aspx

 

Regards

Karthik

View solution in original post

0 Helpful
1 Reply 1

Go to solution
nkarthikeyan
Level 7
Level 7

‎08-28-2014 06:58 AM

Hi,

 

Root and intermediate certificates needs to be installed together as authenticating certificate and your entreprise certificate should be installed in seperate if am not wrong.

 

crypto ca authenticate <trustpoint name>

                     paste root and intermediate / bundle with word quit in the end

                   !

                   

crypto ca import <trustpoint> certificate

                     <actual entreprise certificate? with word quit at end

!

 

sample config procedure:

http://bytesolutions.com/Support/Knowledgebase/KB_Viewer/smid/622/ArticleID/21/reftab/195/t/Installing-GoDaddy-SSL-Certificates-on-a-Cisco-IOS-Router-using-CLI.aspx

 

Regards

Karthik

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents