Thanks Buck, it worked. I used LMHOST file of the PC to configure the DNS static entry.
The ASA CA server seems to very basic. It can't sign certificates like the IOS or MS CA server does rather only issue a identity certificate which can be used as self singed cert for SSL/TLS connections. With regards Kings On Thu, Oct 7, 2010 at 9:13 PM, Buck Wallander <[email protected]> wrote: > You can't access by the IP address, you have to access it by the URL that > get's emailed to you (or enrolled users) via the full link, including going > by the hostname. In my case I don't have valid public DNS records so I just > make a localhost entry. > > On Thu, Oct 7, 2010 at 7:44 AM, Kingsley Charles < > [email protected]> wrote: > >> Hi all >> >> I am trying to lab up an ASA CA server. As per the both the links given >> below (CCIE doc and IPE blog by Stu), I see that the enrollment url is >> https://hostname/+CSCOCA+/enroll.html. >> Instead of the hostname, I tried putting the ASA's inside and outside IP >> address but I didn't get the enrollment page. >> >> >> http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/cert_cfg.html#wp1067997 >> http://blog.ipexpert.com/2010/07/28/asa-local-ca-server/ >> >> >> Then I tried enabling http as following, I got the http authentication pop >> up but still doesn't work. >> >> http server enable >> http 0.0.0.0 0.0.0.0 outisde >> http 0.0.0.0 0.0.0.0 inside >> >> >> Has anyone tried it? >> >> With regards >> Kings >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
