Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1366
Views
0
Helpful
1
Replies

Stuck PKCS12 FMC / FTD

Luke Fahey
Level 1
Level 1

‎08-23-2019 01:52 AM - edited ‎02-21-2020 09:25 AM

Hi There

I was installing a certificate for anyconnect VPN and i have managed to import a PKSC12 but forgot to enter the passphrase during installation.

The enrollment failed to deploy and i couldn't remove the certificate because it was in use by anyconnect. I imported another certificate, however i still can't remove the first one. When trying through FMC i get object deletion restricted, Remove from the device.

If i go to the device and try and delete it i get Last global Deployment to the device was unsuccessful. Please try again after the global deployment completes.

The issue is it wont complete because this certificate

 

FMC >> aaa-server test-radius protocol radius
FMC >> exit
FMC >> ssl trust-point certname
DASA Firepower 2110 >> error :
ssl trust-point certname
^
ERROR: % Invalid input detected at '^' marker.
Config Error -- ssl trust-point certname

 

Any ideas would be appreciated.

0 Helpful
1 Reply 1

Luke Fahey
Level 1
Level 1

‎08-25-2019 08:47 PM

Managed to resolve this issue. Although the cert was not tied to any connect, Once i deleted the any connect config it allowed me to remove the cert from the device then fmc.

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card