Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
693
Views
0
Helpful
0
Replies

CA certificate stop working after CSR1000v reboot

zhiqiang.yan
Level 1
Level 1

‎07-21-2020 06:32 AM

I generated a certificate from a Linux and import to my CSR1000v, used for AnyconnectVPN.

I am doing that because a bug about self-sign certificated, and I am doing the workaround #3.

https://www.cisco.com/c/en/us/support/docs/field-notices/704/fn70489.html

 

I noticed my Anyconnect will stop working after the CSR1000v reboot. when I "show crypto pki trustpoint status". 

 

1. the "Certificate request(s)" become "None",

2. I don't see "Router General Purpose certificate configured"

 

Trustpoint anyconnect2019:
Issuing CA certificate configured:
Subject Name:
cn=vpn.com
Fingerprint MD5: 380A4FC6 3DC67F46 69CBA8A5 EDF98852
Fingerprint SHA1: 6AAF63A6 28A3D864 F10E2E0B AE9951FC F58A03AC

 

 

State:
Keys generated ............. Yes (General Purpose, non-exportable)
Issuing CA authenticated ....... Yes
Certificate request(s) ..... None

 



Anyone know what is my issue? now, I have to re-import the cert after reboot the CSR.

 

Thanks,

Ryan

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents