Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
294
Views
0
Helpful
1
Replies

UCS C220 M3 CSR for Internal CA

matthew.dixon
Level 1
Level 1

‎07-10-2018 12:56 PM - edited ‎03-01-2019 01:37 PM

Is it possible to change how the CSR is created on firmware 3.0(4d)? Our internal CA is rejecting the CSR that is generated. After a week of back and forth with them I received an email today that the reason it is being rejected is because the CSR is generated with Basic Constraint extended usage attributes. They told me that I need to create teh CSR without that. Is this possible? If not, is it possible to access the file level of this device to replace the key and certificate with one that the CA generates on its own?

 

Thank you.

0 Helpful
1 Reply 1

Kirk J
Cisco Employee
Cisco Employee

‎07-10-2018 07:21 PM

Greetings.

Try generating the CSR via the CLI/ssh.

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/sw/cli/config/guide/3_0/b_Cisco_UCS_C-Series_CLI_Configuration_Guide_301/b_Cisco_UCS_C-Series_CLI_Configuration_Guide_201_chapter_01011.html

I'm not sure if it's the same issue, but might be related to https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh21859/?reffering_site=dumpcr

The bug references the c240, but for these types of issues, they will have the same impact.

 

Thanks,

Kirk...

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking products for a $25 gift card