Doesn't matter. Both are sent dependent on what you configure.
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Kingsley Charles Sent: Monday, September 20, 2010 9:30 AM To: [email protected] Subject: [OSL | CCIE_Security] fingerprint command in a trustpoint Hi all Using "fingerprint" under a trustpoint we can configure the CA server's fingerprint. By doing we need not verify the CA's fingerprint interactively during enrollment. The CA server gives a sha and md5 fingerprint. But it seems either sha or md5 fingerprint can be entered under the trustpoint. router1(config)#crypto pki authenticate cisco Certificate has the following attributes: Fingerprint MD5: 8D1A8193 2A9408AD B940AC90 74D75C66 Fingerprint SHA1: B59A1756 C4DFD302 8AB3A5A1 C5A1F58D 56BFF1BE Trustpoint Fingerprint: B59A1756 C4DFD302 8AB3A5A1 C5A1F58D 56BFF1BE Certificate validated - fingerprints matched. Trustpoint CA certificate accepted. Any thoughts? With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
