I installed PKI server on cisco router, here is configs,
lab1#show clock 14:34:14.426 EET Tue Sep 21 2010
crypto pki server LAB
database level complete
no database archive
lifetime crl 12
lifetime certificate 1
lifetime ca-certificate 5
crypto pki trustpoint LAB
CA cert exipers after 5 days and signed certificate expired after 1 day.
After 5 days, CA certificate expired and I didn't rollover it.
The PKI server is turned off at 15:42:53 EET Sep 18 2010 and I couldn't start it after that.
CA Certificate Status: Available Certificate Serial Number: 01 Certificate Usage: Signature Issuer: cn=NOC1 Subject: cn=NOC1 Validity Date: start date: 15:42:53 EET Sep 13 2010 end date: 15:42:53 EET Sep 18 2010 Associated Trustpoints: LAB
lab1#conf t Enter configuration commands, one per line. End with CNTL/Z. lab1(config)#crypto pki server LAB lab1(cs-server)#no shu lab1(cs-server)#no shutdown % CA certificate expired. Cannot enable the Certificate Server.
I manually rolledover CA certificate, but this didn't help,
lab1(cs-server)#crypto pki server LAB ro <------------- rollover CA certificate
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...