• Advertisement

Installing SSL Certificate(s) on IOS

IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.

Installing SSL Certificate(s) on IOS

Postby Guest » Sat Jan 08, 2011 1:26 pm

Having an issue with an SSL certificate DigiCert on a Cisco 2811 running IOS 124-24.T4.

 

I can get the certificate(s), intermediate and server certs installed fine unsing the one trustpoint created. And the ssl website works fine for IE browsers, but other browser types get errors. When I do an SSL cert check it shows that the "The server is not sending the requied intermediate certificate" (see attachment). I feel like I have followed what documentaiton is available correctly. Any suggestions is greatly appreciated.

 

This is the best directions I could find to follow. They are specifically for go-daddy certs but I think it would be the same process for any.

http://bytesolutions.com/Support/Knowledgebase/KB_Viewer/smid/622/ArticleID/21/reftab/195/t/Installing-GoDaddy-SSL-Certificates-on-a-Cisco-IOS-Router-using-CLI.aspx

 

Thanks,

BR

Guest
 

Advertisement

Re:Installing SSL Certificate(s) on IOS

Postby Guest » Sat Jan 08, 2011 1:40 pm

Hi ,

 

If you have multiple CA certs, you need to authenticate the trustpoint containing the identity certs using the immediate intermediate cert and then use other trustpoints to import the  other CA certs one by one.

 

So basically,we need to follow the following configuration to import the 3 CA certificate and the Identity certificate on the router:


1.  Create root trustpoint
Guest
 

Re:Installing SSL Certificate(s) on IOS

Postby Guest » Sat Jan 08, 2011 2:52 pm

Hi Rahqovin,

 

Much appreciation for your assistance. What you recommended pointed to the solution. This procedure is not very well documented on the web at all.

 

Thanks,

-BR

Guest
 

Re:Installing SSL Certificate(s) on IOS

Postby Guest » Sat Jan 08, 2011 4:02 pm

True. It is because that only recently that many CA vendors have changed their hierarchy. The same issue should not have affected the ASA though.

Guest
 



  • Advertisement


Similar topics


Return to Virtual Private Networks

Who is online

Users browsing this forum: No registered users and 3 guests

cron