cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
421
Views
0
Helpful
2
Replies

Install 3rd Party Vendor Certificates for use with WebVPN - ERROR

john.ebrahim83
Level 1
Level 1

I have windows 2008 R2 as CA Standalone Root. when i am generating the certificate request from cisco ASA and importing it in CA SERVER i am getting this error. please tell me i am using asa image 8.0.2 doing it in GNS3 and i have to implement it. however in windows 2003 servers the same request is importable.

ERROR:  asn1 bad tag value met asn 267

2 Replies 2

fb_webuser
Level 6
Level 6

I think it would be worthwhile to delte the keypair used to create the CSR. Create a new keypair and use a keysize of 1024 and recreate the csr.

---

Posted by WebUser Paul Carco from Cisco Support Community App

hey guys the above issue was resolved. now i have following error.

1- anyconnect popup with WARNING MESSAGE: Warning: "The following Certificate received from the Server could not be verified: "

2- on asa i can see following debug messages.

CRYPTO_PKI: Sorted chain size is: 1

CRYPTO_PKI: Found ID cert. serial number: 02, subject name: cn=admin

CRYPTO_PKI: Verifying certificate with serial number: 02, subject name: cn=admin, issuer_name: cn=ciscoasa, signature alg: SHA1/RSA.

CRYPTO_PKI(Cert Lookup) issuer="cn=ciscoasa" serial number=02                                                 |  .

CRYPTO_PKI: Invalid cert.

----------------------------------------------------------

do let me know why is this happening. i have installed both CA and Indetity certificates on cisco asa 8.4.

my client OS is Win7.