Dear All
I'm trying to setup a DMVPN environment with Win based PKI infrastructure. I would use SCEP for enrollment, and I would also use auto-enroll feature with RSA key roll-over (auto-enroll regenerate). It's working properly, however when a new RSA key is generated by the router and new certificate arrives via SCEP, the router stores the new values on NVRAM only. The logs contains the following: "%PKI-4-NOAUTOSAVE: Configuration was modified. Issue "write memory" to save new certificate" Is it possible to force the router to save the new RSA key and cert details into the startup config without manual intervention? (EEM could be an option, but there might be a better way to save just this info, i.e. to avoid problems if certificate is renewed when other changes are in progress on the box).
Thank you