Hi all
Using "fingerprint" under a trustpoint we can configure the CA server's
fingerprint. By doing we need not verify the CA's fingerprint interactively
during enrollment. The CA server gives a sha and md5
fingerprint. But it seems either sha or md5 fingerprint can be entered under
the trustpoint.
router1(config)#crypto pki authenticate cisco
Certificate has the following attributes:
Fingerprint MD5: 8D1A8193 2A9408AD B940AC90 74D75C66
Fingerprint SHA1: B59A1756 C4DFD302 8AB3A5A1 C5A1F58D 56BFF1BE
Trustpoint Fingerprint: B59A1756 C4DFD302 8AB3A5A1 C5A1F58D 56BFF1BE
Certificate validated - fingerprints matched.
Trustpoint CA certificate accepted.
Any thoughts?
With regards
Kings
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
