02-12-2007 01:48 PM
I have an 2003 MS-CA/scep server set up. I can get certificates for PIX 6.3 devices, but when I try to get a cert for an ASA 7.2(2)5. I see an error message in event viewer of the ca server stating that the SCEP plugin could not determine the key usage from the cert request.
I found a document from microsoft stating that the mscep version 5.131.3790.1053 is required to fix this very issue. I checked the version of the mscep.dll on the server and it is the same as above.
Has someone else seen this issue? Also, is it possible that the mscep.dll on my server is not the same mscep.dll on microsoft's webpage even though they have the same version number?
Thanks for your help
02-16-2007 01:06 PM
Try this:
It may be due to Admin credentials dont apply to the scep enrollment.
Check the Clock in ASA , Is the ASA clock in sync with the CA clock.
Try this link:
02-21-2007 10:39 AM
I found that the problem was that during the enrollment process when asked to supply a password for revocation, I was using a password with special characters (@ and -). This was causing my issue. After using a password without the special characters, it worked fine.
Thanks,
Mark
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: