cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1560
Views
0
Helpful
0
Replies

Unsupported Protocol HTTPS to 3850 Switch

robert.l.kraft
Beginner
Beginner

I have configured a SCEP server and downloaded and imported the certificate:

crypto pki trustpoint XXXXX

enrollment mode ra

enrollment url http://xxxxxxxxxxxxxx:80/x/x/x/x.dll

usage ssl-server

serial number

ip.address x.x.x.x

vrf Mgmt-vrf

revocation-chekc crl

rsakeypair (same as trustpoint name)

 

I authenticated the trustpoint and enrolled and imported a certificate.

I have a certificate chain.

I have configured the following for the http server:

ip http-secure-server

ip http secure-client-auth

ip http secure-trustpoint XXXXX

ip http secure-peer-verify-trustpoint XXXXXXX

 

If I have this and leave the self signed certs in place it still passes the self signed cert, asked for the client cert, and then the web page spins forever or times out.

 

If I delete the self signed certs via deleting the SLA-Trustpoint and the TP-self-signed, the browser returns an unsupported protocol or cipher error. I have left the default TLS, including 1.1 and 1.2 (which both browsers I have tried are set to) and the ciphersuite to the default.

 

Any ideas where I'm going wrong?

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers