07-02-2010 04:49 AM - edited 03-10-2019 05:02 AM
Dear All,
I have doubt on host certificate:
I have two AIP-SSM module shows different host certificate value though i have installed/configured both on same date.
I am not very sure what this host certificate is.. could any1 help me to understand it.. and what is impect if it doesnt match...
IPS in Active ASA:
Host Certificate Valid from: 12-Jan-2009 to 13-Jan-2011
IPS in standby ASA:
Host Certificate Valid from: 04-Jun-2009 to 05-Jun-2011
Regards
Amar
Solved! Go to Solution.
07-02-2010 11:14 AM
Amar;
The host certificate is used for establishing secure communication between the sensor and managing devices such as IPS Manager Express, CS-MARS, etc. It can be re-generated from the CLI by issuing:
tls generate-key
It will be valid for two years from the date it was generated.
Scott
07-02-2010 11:14 AM
Amar;
The host certificate is used for establishing secure communication between the sensor and managing devices such as IPS Manager Express, CS-MARS, etc. It can be re-generated from the CLI by issuing:
tls generate-key
It will be valid for two years from the date it was generated.
Scott
07-03-2010 01:32 AM
Thanks scott,
Does it require any license or any other details to genrate... or i can simply issue the command "tls generate-key" and it will work...
Regards
Amar...
07-04-2010 02:17 PM
The certificate is self-signed and not tied to the licensing function.
Thank you,
Blayne Dreier
Cisco TAC IDS Team
**Please check out our Podcast**
TAC Security Show: http://www.cisco.com/go/tacsecuritypodcast
07-19-2010 03:11 AM
Thanks..
Its working now..
Regards
Amar
02-09-2011 05:31 AM
Thanks. My problem started when i could no longer communicate to the sensor and IME was displaying "not connected" for one of my senors. I actually unistalled Cisco IME, Upgrade to version 7.0.3 and then notice i was getting an error in regards to the Certificate. I came across this forum and it solved my problem in a matter of seconds. Thanks.
Ricky Morales
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide