07-13-2014 06:25 PM - edited 02-21-2020 07:43 PM
We need to enroll our GMs to our KS's via PKI. Is there a way for us to enroll all our router using the same certificate/CSR? Thanks!
07-14-2014 05:35 AM
Hi johnpong99,
From what I know each router has to have its own certificate signed by the CA (certificate authority). In each certificate the subject field uniquely identifies the equipment (in your case router) it is meant for. I don't think there is a way for the CA to issue a certificate usable on multiple devices
Hope this will help,
Best of luck
08-04-2014 10:22 PM
Hi Narcis,
Thanks for your response. I was able to perform this however there are some drawbacks since you are using the same certificate signed by the CA, there will be no identity between the devices involved. Aside from that, there is an alarm being generated but is not traffic affecting.
08-05-2014 06:54 AM
Hy John,
Interesting to know, but what is the purpose of the certificate if it can't uniquely identify each router. Does it help you?
Good luck
08-05-2014 07:48 PM
For ease of deployment purposes without involving the CA server. But this setup wasn't deployed in our production environment.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: