Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
425
Views
0
Helpful
1
Replies

Home brew CA certificate import into IOS

TheSlyOne
Level 1
Level 1

‎05-29-2013 09:25 AM - edited ‎03-10-2019 08:28 PM

I want to set up a VPN server and connect 8 clients authenticating with certificates generated and signed by TinyCA.

I don't want to use a proper CA, I would rather use TinyCA. I have created a CA key and certificate and generated some client keystone certs, but I am unsure of how to properly import and chain the keys. I tried importing the CA cert and the key/cert for the router, but it doesn't seem to work. The ikev2 logs suggest it can't find the trust point.

All the documentation I have found online seems to assume commercial CA's. does anyone know what the best format to export the keys and cents from TinyCA. And what is the step by step procedure for importing the files to IOS 15.1. if anyone can point me in the direction of a guide on certificates on IOS that is clear on the subject, that would be great. All the ones I have found are confusing and not as simple as I need.

I assume I import the CA cert using the crypto pki import command, but do I use the same process for the routers key/cert, or do I use the crypto key commands?

Labels:
0 Helpful
1 Reply 1

Ravi Singh
Level 7
Level 7

‎06-08-2013 08:58 PM

For you inquiry, I would suggest you to go through the below link.

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a008037d1c8.shtml

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents