I generated a certificate from a Linux and import to my CSR1000v, used for AnyconnectVPN.
I am doing that because a bug about self-sign certificated, and I am doing the workaround #3.
https://www.cisco.com/c/en/us/support/docs/field-notices/704/fn70489.html
I noticed my Anyconnect will stop working after the CSR1000v reboot. when I "show crypto pki trustpoint status".
1. the "Certificate request(s)" become "None",
2. I don't see "Router General Purpose certificate configured"
Trustpoint anyconnect2019:
Issuing CA certificate configured:
Subject Name:
cn=vpn.com
Fingerprint MD5: 380A4FC6 3DC67F46 69CBA8A5 EDF98852
Fingerprint SHA1: 6AAF63A6 28A3D864 F10E2E0B AE9951FC F58A03AC
State:
Keys generated ............. Yes (General Purpose, non-exportable)
Issuing CA authenticated ....... Yes
Certificate request(s) ..... None
Anyone know what is my issue? now, I have to re-import the cert after reboot the CSR.
Thanks,
Ryan