Solved: Re: FMC Manual Certificate renewl 'Manual refresh required' error

gnii · ‎08-31-2020

Hi,
I'm having difficulties renewing a manual certificate on my FMC/FTD at the moment. The old one is expired.

We renewed the certificate using the old CSR we had saved from the first enrollment.
But after uploading the new CRT, the FMC ends up with that line :
Old certificate available, re-enroll is in progress. Manual refresh required.

Is there anything to do after that ? or do I just need to wait ?

I do not get anything on the 'Deploy' button ;
the CLI 'show crypto ca certificates' still shows me the old out of date certificate.
it's been more than 20 minutes now, a config upload is usually 5 minutes

Rob Ingram · ‎08-31-2020

Hi,

I've never had issues configuring certificates and I've never seen this error either.....although I've never re-used the same CSR before. Creating a CSR is trivia, try again but create a new CSR, get it signed and then import.

View solution in original post

Rob Ingram · ‎08-31-2020

Hi,

I've never had issues configuring certificates and I've never seen this error either.....although I've never re-used the same CSR before. Creating a CSR is trivia, try again but create a new CSR, get it signed and then import.

gnii · ‎09-01-2020

Hi,
We actually did that, and it worked. The guys handling the certificates in the company usually use the old CSRs for renewal, they've always done that.
I followed your advice and sent them the new CSR, and the returned CRT was accepted.

Thank you.

lakshman.yvv · ‎01-16-2021

Hi Rob,

I’ve got same error, I tried generating the new CSR and uploaded still I have same issue. I can see the CA and ID certs installed on FTD. I’ve uploaded the root CA, generated CSR and upload the signed CSR again. Still I got the same error. Any ideas why this is happening?