I'll try this and see if it corrects the problem. The "crypto key zeroize rsa" command I believe will erase all rsa keys on the router, unless I specify a label used for a particular rsa keys.
Which syntax though is the correct one, of the options that I tried below ? Mark On Sun, Nov 7, 2010 at 7:50 PM, Vybhav Ramachandran <[email protected]>wrote: > Hello Mark, > > I had the same issue sometime back. If you look at the debugs, what you can > notice in this situation would be that , the ASA is using R3's certificate > which it has cached. This , i think, bypasses the certificate map > validation. > > The way to solve this is to erase the R3's public key from ASA's cache. I > think you can check the key using the command " *sh crypto key mypubkey > rsa" . *I'm not sure what the command to remove the keys is . It could be > "*crypto key zeroize rsa *" command? > > Do let me know if you have any luck regarding this. > > Cheers, > TacACK >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
