Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1377
Views
0
Helpful
4
Replies

Certificate Expressway 8.5 Failed

Go to solution
Fabio Alberto dos Santos
Level 1
Level 1

‎09-14-2015 10:30 PM - edited ‎03-13-2019 09:09 PM

Hi;

We had a solution MOBILE REMOTE ACCESS using EXPRESSWAY EDGE and EXPRESSWAY CORE.

I had a problem after change a certificate ca public, When this new certificate is installed , exist the message : FAILED: MISSING PRIVATE KEY.

My question is How and Where I get this private key?

I have three certificates: 1 root ca , 1 server certificate to EXPRESSWAY-E and other server certificate EXPRESSWAY-C in .crt format.

It is done using CSRs generated in each EXPRESSWAY.

 

Regards;

 

Fabio Santos

 

 

 

Labels:
Preview file
42 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee
In response to Fabio Alberto dos Santos

‎09-15-2015 10:26 AM

Every time you generate a CSR, a new key is generated, no matter what you change, if you generated a new CSR, you'll need to have that one signed by your CA, and then upload it.

If during that time you generate a new CSR, the previous one will become invalid.

You might want to read my certs FAQ

http://docwiki.cisco.com/wiki/Certificates_FAQ

HTH

java

if this helps, please rate

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎09-15-2015 06:53 AM

I don't think you have generated the CSR, it clearly says there is no CSR in progress.

When you generate a CSR, a private key is generated to make sure you're actually bringing back that same CSR in the form of a signed certificate. So, they key is internal to the server, you cannot upload your own, or download it.

Generate a CSR from the server, and then have it signed, that's the actual process to get this to work.

HTH

java

if this helps, please rate
0 Helpful

Go to solution
Fabio Alberto dos Santos
Level 1
Level 1
In response to Jaime Valencia

‎09-15-2015 10:26 AM

Hi James;

Thanks by reply,

So I generated the CSR, and after it I loading a new certificate of Public CA. But now I have change this certicate because an information in alternate name was wrong. When I start this change the system no more show CSR in progress.

I can generate a new CSR, but  do you think that a new certificate Public CA will be required?

 

The CSR generated are in attachment.

 

Thanks;

 

Fabio

 

0 Helpful

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee
In response to Fabio Alberto dos Santos

‎09-15-2015 10:26 AM

Every time you generate a CSR, a new key is generated, no matter what you change, if you generated a new CSR, you'll need to have that one signed by your CA, and then upload it.

If during that time you generate a new CSR, the previous one will become invalid.

You might want to read my certs FAQ

http://docwiki.cisco.com/wiki/Certificates_FAQ

HTH

java

if this helps, please rate
0 Helpful

Go to solution
Fabio Alberto dos Santos
Level 1
Level 1
In response to Jaime Valencia

‎09-15-2015 01:31 PM

Jaime;

 

Very Thanks!
 

0 Helpful
Customers Also Viewed These Support Documents