Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1797
Views
0
Helpful
2
Replies

Certificates disappear after reload ?

jlacis
Level 1
Level 1

‎08-07-2003 05:17 AM - edited ‎02-20-2020 10:55 PM

I do wonder if this is the right behaviour of the router. If I reload my Cisco 3620 IOS VPN Server, both CA and router's itself certificates are gone. Need to do the procedure (crypto ca authenticate ..., crypto ca enroll ...) to get the certificates. IOS version:

IOS (tm) 3600 Software (C3620-IK9O3S3-M), Version 12.2(13)T5, RELEASE SOFTWARE (fc1)

System image file is "flash:c3620-ik9o3s3-mz.122-13.T5.bin"

Any answer ?

0 Helpful
2 Replies 2

hadbou
Level 5
Level 5

‎08-14-2003 07:44 AM

Be aware that the certificates and the revocation list when used can be a memory problem for the router. Normally certificates and CRLs are stored locally in the router's NVRAM, and each certificate and CRL uses a moderate amount of memory. But it can happen that the router lacks memory space and will not store the information in NVRAM. Hence, when rebooting the router, the some certificate and some revocation lists could be lost. Please take a look at :

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt4/scdinter.htm#xtocid391213

You can configure the router not to store CRLs and Certificates on the router but rather to query the CA when required, there by freeing the space in the NVRAM.

0 Helpful

jlacis
Level 1
Level 1
In response to hadbou

‎08-14-2003 11:11 PM

Thanks ! I had "crypto ca certificate query" command in my config, that was the reason. Now I see with "dir nvram:" that certificates are stored locally on the router.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card