We have three Cisco 1710 security access routers, all with the same problem.
We found various times when the certification authority would fall apart and connections would be refused. We did a lot of googling, found it to be a common problem, with the resolution being to add
crl optional
to the trustpoint.
This worked when building a new router. However, when trying to add the line to existing trustpoints, you would type exactly "crl optional" in the trustpoint definition and then do a show run, you would see
crl optional optional
Somehow, the running config became something that's not valid. (It's not... run the command and see the error.)
Works every time just like the above, though strangely seems to solve the problem. Issue is when you "copy run start", it copies the incorrect line to startup-config, which then fails to load on reboot. I have tested copying it to a tftp server, then copying it straight back to running-config. It fails. By editing the text file to remove the extra occurrence of the word "optional", then loading it back to running-config, we have a correctly working backup.
How to get it in startup config, and thus survive the reboot however, has us stumped. More importantly, why is it doubling that word up in the first place?
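
Added example, not part of the original post and not Cisco code: a script for the manual step described above, repairing the doubled "crl optional optional" line in a config file saved to the tftp server, but only inside trustpoint blocks. It assumes trustpoint blocks begin with "crypto ca trustpoint" or "crypto pki trustpoint" and that their sub-commands are indented; the function name and the sample config are constructed for illustration.

```python
import re

# Constructed sample of a saved running-config (not taken from a real router).
SAMPLE_CONFIG = """\
hostname rtr1
!
crypto ca trustpoint EXAMPLE-CA
 enrollment url http://ca.example.invalid
 crl optional optional
!
crypto ca trustpoint OTHER-CA
 enrollment url http://ca2.example.invalid
 crl optional
!
interface FastEthernet0
 description optional optional uplink
!
end
"""

# Assumption: block header syntax; "pki" is the newer spelling of "ca".
TRUSTPOINT_RE = re.compile(r"^crypto (?:ca|pki) trustpoint (\S+)\s*$")
# "crl optional" followed by one or more stray repeats of "optional".
DOUBLED_RE = re.compile(r"^(\s+crl optional)(?:\s+optional)+\s*$")

def repair_config(text):
    """Return (fixed_text, names of trustpoints whose crl line was repaired)."""
    out, repaired, current = [], [], None
    for line in text.splitlines():
        header = TRUSTPOINT_RE.match(line)
        if header:
            current = header.group(1)
        elif not line.startswith(" "):
            current = None  # any other non-indented line ends the block
        elif current:
            m = DOUBLED_RE.match(line)
            if m:
                line = m.group(1)  # keep a single "crl optional"
                repaired.append(current)
        out.append(line)
    return "\n".join(out) + "\n", repaired

if __name__ == "__main__":
    fixed, names = repair_config(SAMPLE_CONFIG)
    print("repaired trustpoints:", names)
    print(fixed, end="")
```

Lines outside a trustpoint block are left untouched, so the repaired file differs from the saved one only in the affected "crl" lines and can be diffed before it is copied back to the router.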