Hi all, after the configuration moved from ASA to ASAv the certificate enrollment option in AnyConnect VPN doesn't work. I have a problem when trying to configure SCEP-forwarding in my ASAv:

[ERROR] scep-forwarding-url value http://hostname:port/auth/caservice/pkiclient.exe

Attempting to retrieve the CA/RA certificate(s) using the URL. Please wait ...

Received 3 CA/RA certificate(s) using the SCEP URL.

NON-RESIDENT CERT: serial: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, subject: CN=Certificate Services Endpoint RA - ise01
RESIDENT CERT: serial: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, subject: CN=Certificate Services Endpoint Sub CA - ise01
RESIDENT CERT: serial: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, subject: CN=Certificate Services Node CA - ise01

WARNING: Please check if you have all the required certificate(s) in the config to authenticate the certificates that will be issued using this SCEP URL

I can't find appropriate Certificate Services Endpoint RA in my ISE using web-console. I've tried to export 5 CA key pairs(all in one encrypted file without extension) using CLI to my repository and wishes certificate inside the file but I can't open this file.

I just want to add one certificate to ASAv, maybe there are any ideas how to do it?

I use 2.6 ISE version and 9.14 ASAv version