Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1509
Views
0
Helpful
0
Replies

SCEP: failed to open signed data

horvaia
Level 1
Level 1

‎09-23-2013 06:50 AM - edited ‎03-10-2019 12:06 AM

Hi,

I am trying to create a solution what would consist the following:

Avaya hard phones would vpn into the corporate network. Vpn authentication would be based on certificates. As I getting into the

implementation I found out that one of the key points of the solution is to using SCEP to enroll the certificates from CA server to the avaya

hardphones.  And here comes my trouble: I would like to use a cisco router as a CA server for this solution but when the phones try to enroll the

certificate I got this error on the router:

Sep 23 13:36:16.935: CRYPTO_CS: received a SCEP GetCACert request

Sep 23 13:36:16.939: CRYPTO_CS: CA certificate sent

Sep 23 13:36:19.515: CRYPTO_CS: received a SCEP request, 2263 bytes

Sep 23 13:36:19.519: CRYPTO_CS: read SCEP: registered and bound service SCEP_READ_DB_2   

Sep 23 13:36:19.519: CRYPTO_CS: failed to open signed data

Sep 23 13:36:19.519: CRYPTO_CS: read SCEP: unregistered and unbound service SCEP_READ_DB_2   

Sep 23 13:36:19.519: CRYPTO_CS: failed to read SCEP request

I enabled the following debug options:

PKI:

  Crypto PKI Msg debugging is on

  Crypto PKI Trans debugging is on

  Crypto PKI Certificate Server debugging is on

  Crypto PKI Validation Path debugging is on

Cisco router is a cisco 2811 router with the following IOS:

Cisco IOS Software, 2800 Software (C2800NM-IPBASEK9-M), Version 15.1(4)M6, RELEASE SOFTWARE (fc2)

Thanks,

Andras

3 people had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents