Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
310
Views
0
Helpful
1
Replies

Trustpoint CA certificate renewal

zsion
Level 1
Level 1

‎10-23-2024 12:34 AM

Hi Folks,

I have a Cisco IE3400 for which I want to setup a TLS connection for the logging.

The Trustpoint uses an Intermediate certificate authority for getting a certificate, which will be renewed at some point in the future, keeping the Common Name of the certificate, but the fingerprint of it will change.

What will happen on the next certificate renewal attempt of the Trustpoint?

The same enrollment URL will have a CA with a different fingerprint than what we specified at the beginning?

Can the Cisco automatically handle the situation?

Labels:
0 Helpful
1 Reply 1

Ken Stieers
VIP
VIP

‎10-23-2024 07:22 AM

When you get a cert, it won't outlive its issuing CA (the intermediate root).

So when you get a new cert and it comes from the new/renewed intermediate, you'll need to upload the new intermediate root cert to the device, along with the new cert you just got.

0 Helpful
Customers Also Viewed These Support Documents