I have configured a SCEP server and downloaded and imported the certificate:
crypto pki trustpoint XXXXX
 enrollment mode ra
 enrollment url http://xxxxxxxxxxxxxx:80/x/x/x/x.dll
 usage ssl-server
 serial-number
 ip-address x.x.x.x
 vrf Mgmt-vrf
 revocation-check crl
 rsakeypair (same as trustpoint name)
I authenticated the trustpoint and enrolled and imported a certificate.
I have a certificate chain.
I have configured the following for the http server:
ip http secure-server
ip http secure-client-auth
ip http secure-trustpoint XXXXX
ip http secure-peer-verify-trustpoint XXXXXXX
If I have this and leave the self-signed certs in place, it still passes the self-signed cert, asks for the client cert, and then the web page spins forever or times out.
If I delete the self-signed certs by deleting the SLA-Trustpoint and the TP-self-signed, the browser returns an unsupported protocol or cipher error. I have left TLS at the default, including 1.1 and 1.2 (which both browsers I have tried are set to), and the ciphersuite at the default.
Any ideas where I'm going wrong?