cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1355
Views
0
Helpful
2
Replies

Unable to create a CSR on Nexus 9300

JohnLuce95601
Level 1
Level 1

 been working to complete change us over to domain certificates being fed from a CA on an air-gapped network. I was able to get the root CA certificate installed on the trustpoint certificate store. I then attempted to generate a CSR for trustpoint called CA2 I get the following:

 

switch(config)# crypto ca enroll CA2

Create a challenge password. You will need to verbally provide this

password to the CA Administrator to revoke your certificate.

For security reasons your password will not be saved in the configuration.

Please make a note of it.

Password: <completed password>

The subject name in the certificate will be the name of the switch.

Include the switch serial number in the subject name? [yes/no]: no

Include an IP address in the subject name [yes/no]:yes

ip address: <completed ip address>

Include the Alternate Subject Name? [yes/no]:yes

Enter Alternate Subject Name:<completed.fqdn>

The certificate request will be displayed...

No such file or directory

could not perform certificate request creation

switch(config)#

 

It exits back to the switch prompt without displaying the CSR. Was wondering what we missed somewhere?

Thanks!

1 Accepted Solution

Accepted Solutions

Francesco Molino
VIP Alumni
VIP Alumni

Hi 

 

What version of NXOS are you using?

Have you tried to create a new trustpoint?

 

The configuration is straight forward:

crypto ca trustpoint TEST
     rsakeypair TEST 
     enrollment terminal
!
crypto ca authenticate TEST
!
crypto ca enroll TEST
!
crypto ca import TEST certificate

 

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

2 Replies 2

Francesco Molino
VIP Alumni
VIP Alumni

Hi 

 

What version of NXOS are you using?

Have you tried to create a new trustpoint?

 

The configuration is straight forward:

crypto ca trustpoint TEST
     rsakeypair TEST 
     enrollment terminal
!
crypto ca authenticate TEST
!
crypto ca enroll TEST
!
crypto ca import TEST certificate

 

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

JohnLuce95601
Level 1
Level 1

Turns out that when I used only alphanumeric characters for the password everything worked. So much for complex passwords..

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: