hi , i have problem with connecting one device to CA server 

i create trustpoint 

crypto pki trustpoint CA
 enrollment terminal
 serial-number
 subject-name CN=x , OU=x
 revocation-check none
 rsakeypair my.ca.key

but when i paste CSR that i create with cry pki enroll, output is fail in saving cert

im really lost in dark i need serious help about connecting Device to CA server 
please help me! if u can told me what procedure i should go i find my way out

domain active
ssh active
CA accessable
CSR submitable