04-26-2021 12:45 PM
been working to complete change us over to domain certificates being fed from a CA on an air-gapped network. I was able to get the root CA certificate installed on the trustpoint certificate store. I then attempted to generate a CSR for trustpoint called CA2 I get the following:
switch(config)# crypto ca enroll CA2
Create a challenge password. You will need to verbally provide this
password to the CA Administrator to revoke your certificate.
For security reasons your password will not be saved in the configuration.
Please make a note of it.
Password: <completed password>
The subject name in the certificate will be the name of the switch.
Include the switch serial number in the subject name? [yes/no]: no
Include an IP address in the subject name [yes/no]:yes
ip address: <completed ip address>
Include the Alternate Subject Name? [yes/no]:yes
Enter Alternate Subject Name:<completed.fqdn>
The certificate request will be displayed...
No such file or directory
could not perform certificate request creation
switch(config)#
It exits back to the switch prompt without displaying the CSR. Was wondering what we missed somewhere?
Thanks!
Solved! Go to Solution.
04-26-2021 06:39 PM
Hi
What version of NXOS are you using?
Have you tried to create a new trustpoint?
The configuration is straight forward:
crypto ca trustpoint TEST rsakeypair TEST enrollment terminal ! crypto ca authenticate TEST ! crypto ca enroll TEST ! crypto ca import TEST certificate
04-26-2021 06:39 PM
Hi
What version of NXOS are you using?
Have you tried to create a new trustpoint?
The configuration is straight forward:
crypto ca trustpoint TEST rsakeypair TEST enrollment terminal ! crypto ca authenticate TEST ! crypto ca enroll TEST ! crypto ca import TEST certificate
04-27-2021 12:02 PM
Turns out that when I used only alphanumeric characters for the password everything worked. So much for complex passwords..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide