04-16-2002 10:44 AM - edited 03-08-2019 10:20 PM
I'd like to use digital certificates for authentication on VPN tunnels, preferably from my own Entrust PKI . I also want to use a standard client that I don't need to modify or support myself ...perhaps something that comes from Microsoft as part of the OS ? What is out there there that would automaticlly renew the certificate before it expires ? What do people do when their certificate expires ?
04-24-2002 02:13 PM
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you, or there is no public information available at this time. If you don't get a suitable response to your post, you may wish to review our resources at the online http://www.cisco.com/go/solutions. You may also contact our product information line at 1-800-553-NETS or a Cisco Systems Engineer at your local Cisco office or reseller. To locate your local Cisco representative, visit http://www.cisco.com/warp/public/687/Directory.shtml
If anyone else in the forum has some advice, please reply to this thread.
08-05-2002 04:08 AM
You can use Entrust/Entelligence client side software. With the Entrust ID the key pair renew is also transparent and automatic.
Nimitt
08-06-2002 12:48 AM
Hi
We have the same problem, we're using Cisco VPN 3.5.2 Client with Certificate Authentication + Extended Auth (Tacacs+).
Certificate server Netscape/Iplanet CMS 4.1
Because there are no funktion to renew the certifices from within the client (that I am aware of) we are forced to issue new ones after they expire after 1 year.
So I would highly recommend Cisco to develop a renew function in the client.
What I have heard is the problem that there are no standard, diffrent servers have diffrent ways to do this(correct me if I 'am wrong).
/Brgds Stefan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide