Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11217
Views
0
Helpful
3
Replies

What is the Purpose of SLA-Trustpoint certificate?

RAMAN AZIZIAN
Level 1
Level 1

‎08-26-2019 07:52 AM

Hello,

We recently upgraded to IOS to 16.9.3 on Routers (ISR 4431) and Switches (3850), and I have noticed a new certificate has been installed.

crypto pki trustpoint SLA-TrustPoint

enrollment pkcs12

revocation-check crl

 

I have searched the net but I can't seem to find any information about what is used for.

 

I would like to delete from our config, but I wanted to make sure it wasn't necessary to have it on the running config.

 

Thanks,

raman

 

1 person had this problem
Labels:
0 Helpful
3 Replies 3

Reza Sharifi
Hall of Fame
Hall of Fame

‎08-26-2019 08:06 AM

Hi,

Have a look at this link. If you don't have any CA trustporint, you don't need it

 

https://community.cisco.com/t5/vpn-and-anyconnect/what-is-a-pki-trustpoint/td-p/1404603

 

HTH

0 Helpful

RAMAN AZIZIAN
Level 1
Level 1
In response to Reza Sharifi

‎08-26-2019 08:17 AM - edited ‎08-26-2019 08:24 AM

We will eventually have the CA server, but for now we are using the self-signed certs generated by the device.

I was curious about why SLA-trustpoint was installed. Prior to SW upgrade we only had  the  crypto pki certificate chain TP-self-signed . When I do a show run command, I see two signed certs, where normally I would see only one.

 

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to RAMAN AZIZIAN

‎08-26-2019 08:31 AM

It is probably a new feature they added to the new version and enabled it by default.

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card