Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4016
Views
0
Helpful
5
Replies

Error: Update failed: [Certificate request subject name in keyring firepower_cert cannot be resolved

oeortiz01
Level 1
Level 1

‎05-29-2021 05:33 PM

Hello,

 

I have a problem creating the CSR on my FTD. when I try to commit an error si show:

 

Error: Update failed: [Certificate request subject name in keyring firepower_cert cannot be resolved]


FP-4120 /security # create keyring firepower_cert
FP-4120 /security/keyring* # set modulus mod2048
FP-4120 /security/keyring* # commit-buffer
FP-4120 /security/keyring # create certreq
FP-4120 /security/keyring/certreq* # set country US
FP-4120 /security/keyring/certreq* # set state CA
FP-4120 /security/keyring/certreq* # set locality "San Diego"
FP-4120 /security/keyring/certreq* # set org-name "MyCompany"
FP-4120 /security/keyring/certreq* # set org-unit-name Systems
FP-4120 /security/keyring/certreq* # set subject-name anything.MyDomainName.com
FP-4120 /security/keyring/certreq* # commit-buffer
Error: Update failed: [Certificate request subject name in keyring firepower_cert cannot be resolved]
FP-4120 /security/keyring/certreq* #

 

Im folllowing the guide:

 

https://www.cisco.com/c/en/us/support/docs/security/firepower-4110-security-appliance/200525-Install-a-Trusted-Certificate-for-Firepo.html#anc6

 

Anys suggestions?

 

Regards,

2 people had this problem
0 Helpful
5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-29-2021 07:43 PM - edited ‎05-29-2021 07:44 PM

Did you include the following step:

  • Configure the CSR fields. The CSR can be generated with just basic options like a subject-name. This prompts for a certificate request password as well.
fp4120 /security/keyring # create certreq subject-name fp4120.test.local
Certificate request password:
Confirm certificate request password:

?

It's mandatory.

0 Helpful

robert.m.schmatjen.ctr
Level 1
Level 1
In response to Marvin Rhoads

‎04-07-2022 12:54 AM

Does anyone have the real answer to this question that solves the problem?

0 Helpful

kerstin-534
Level 1
Level 1
In response to robert.m.schmatjen.ctr

‎10-12-2022 07:36 AM

FXOS does DNS lookup forward and reverse and appens domain-name to subject, does not make any sense

0 Helpful

kerstin-534
Level 1
Level 1
In response to kerstin-534

‎10-12-2022 07:44 AM

and domain-name cannot be unset, obviously

0 Helpful

kerstin-534
Level 1
Level 1
In response to kerstin-534

‎10-12-2022 07:52 AM

and the BEST comes. a non resolvable certificate request cannot be deleted, after changing domain name

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card