We are having a big problem trying to install an SSL certificate on an ASA 5510 running 8.2 (5). We have installed many of these from different vendors and not had any real issues before.
Following the Cisco recommended procedure these are the steps we have followed:
1. Set clock to correct time
2. Generate the RSA key and CSR and sent to the CA.
3. Authenticate the trustpoint and install the intermediate certificate.
4. Install the certificate.
Here are the errors we are getting during the process:
A. In step 2 we get this message.
"WARNING: The certificate enrollment is configured with an fqdn that differs from the system fqdn. If this certificate will be used for VPN authentication this may cause connection problems."
I have seen this before and normally causes no issues and the fqdn is the same in any event.
B. In step 4 the certificate fails to install and gives the following message:
"Failed to parse or verify imported certificate"
We have reviewed the Cisco explanation on this error but it does not really help.
TROUBLE SHOOT SO FAR
We checked the authentication of trustpoint and the RSA keys. We thought the hash SHA was incorrect as the new certificates are all SHA2 (256) so we had the CA issue a new cert with SHA1 but this did not work.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :