From: David Mitchell (dmitchell@centientnetworks.com)
Date: Sun Jul 09 2006 - 12:25:58 ART
Before going too crazy troubleshooting it, make sure that the date and
time are the same on your router and server. It will reject a
certificate if the dates are wrong.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Stefan Grey
Sent: Saturday, July 08, 2006 3:10 PM
To: ccielab@groupstudy.com
Subject: IPSEC and CA
Hello all
I have a CA on PC. The address of the pc is 195.1.134.100. Directly to
it is
connected the router. The router can ping the PC. But the attemt to
authenticate and receive the CA from this fails.
R5(config)#ip domain-name cisco.com
R5(config)#crypto generate key rsa
R5(config)#crypto ca trustpoint server
R5(ca-trustpoint)#enrollment url
http://195.1.134.100/certsrv/mscep/mscep.dll
R5(ca-trustpoint)#enrollment mode ra
R5(ca-trustpoint)#crl optional
R5(config)#crypto ca authenticate server % Error in receiving
Certificate
Authority certificate: status = FAIL, cert length = 0
Should something be configured on the CA as well to use it??? What can
you
say?? Maybe url is wrong. What can be the issue. Maybe CA should be
somehow
tuned??
Thanks
Stefan.
This archive was generated by hypermail 2.1.4 : Tue Aug 01 2006 - 07:13:47 ART