Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

How to manage with root cetificate exchange

Hi

we have ipsec tunnels with about 150 Cisco routers that are conneted to the HQ routers through CA.

But CA is expiring within few days and we have to create new one.

This step is pretty awful cause it will unplugged the branch routers for couple of hours

The problem is that the crypto map cannot use different CA than the root one

For exapmle if I would enroll another root certificate and that pair with the crypto map, that I would be able to re-configure branch by branch

But there is no option in the IOS to do it like this

Do yo have any idea how this proccess can be managed ?

Thanks

157
Views
0
Helpful
0
Replies
CreatePlease to create content