Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2085
Views
5
Helpful
4
Replies

Problem with uploading Third Party Security Certificates to LMS Server

melitrissa2007
Level 1
Level 1

‎02-27-2013 11:29 AM

Hello,

Could you help me on resolving problem with creating Certificate Signing Request for Cisco LMS?

I performed the following actions for it creating:

1. I  created Self-signed certificate using the following link:  Admin/Trust Management/Local Server/ Certificate Setup

There I filled field and pushed Apply

2. Then I restarted the Daemon Manager and entered to folder \NMSroot\MDC\Apache\conf\ssl. Where I opened the file server.csr via notepad and  copied the text :

-----BEGIN CERTIFICATE REQUEST-----

  .........

-----END CERTIFICATE REQUEST-----

5. After that I  pasted the copied text to our CA for signed. I was using the certificate template  - Web server with private key. Now I get the error :

Certificate Request Denied

Your certificate request was denied. Your Request Id is 13525. The disposition message is "Denied by Policy Module The certificate validity period will be shorter than the WebServerwithPrivateKey Certificate Template specifies, because the template validity period is longer than the maximum certificate validity period allowed by the CA. Consider renewing the CA certificate, reducing the template validity period, or increasing the registry validity period. ".

Could you help me how I can change the certificate validity period?

Could I perform this when I generate self-signed certificate in LMS?

Thank you in advance

Labels:
0 Helpful
4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-27-2013 12:53 PM

The certificate setup menu choice you used is designed only to setup self-signed certificates. those are for 5 years and not configurable beyond the standard fields presented in the GUI.

To installl a 3rd party certificate, please use the SSL Utility perl script that is provided with the server and accessible from the command line interface. Further details are in the Admin Guide here.

0 Helpful

melitrissa2007
Level 1
Level 1
In response to Marvin Rhoads

‎02-27-2013 09:58 PM

Thank you for reply.

But I can not understand how I can create a certificate request so that then paste it and sign on our CA.

As I see I can only import certificate from CA with using the SSL Utility

0 Helpful

melitrissa2007
Level 1
Level 1
In response to Marvin Rhoads

‎03-03-2013 10:37 PM

Thank you for help. It's OK.

0 Helpful
Customers Also Viewed These Support Documents