Trustpoint configuration | Parameter chain-validation

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-17-2019 04:10 AM - edited 02-21-2020 09:40 PM
Hello Cisco Community,
I am currently configuring trustpoints on a ISR router. The hierarchy looks like that: root --> subca --> router certificate.
I will create 2 trustpoints where the 1st will reference the root-ca and the 2nd one the subca and router certificate.
I am aware of the fact, that the chain of trust needs to be established. I check several configurations and some mentioned the command chain-validation none (for the Root-CA); chain-validation "name of upper trustpoint e.g. subca".
The question is, whether the command chain-validation ... needs to configured in order to setup a clean configuration on the router.
Any feedback is appreciated.
- Labels:
-
AnyConnect
-
Other VPN Topics
