i successfully use sscep with a cisco 1600 router and ios 12.1.
But when using scep the commande crypto ca authenticate failed.
Please help.
here is the configuration of the router
hostname BICIS
ip domain-name www.bceao.int
ip host certifs 10.164.179.139 (the CA server)
crypto ca identity certifs
enrollment mode ra
enrollment url http://10.164.179.139/cgi-bin/scep/scep
crypto ca authenticate certifs
This last command failes with this debug
01:49:20: CRYPTO_PKI: Sending CA Certificate Request:
GET /cgi-bin/scep/pkiclient.exe?operation=GetCACert&message=certifs HTTP/1.0
01:49:20: CRYPTO_PKI: http connection opened
% Error in receiving Certificate Authority certificate: status = FAIL, cert length = 0
BICIS(config)#
01:49:24: CRYPTO_PKI: HTTP response header: HTTP/1.1 200 OK
Date: Fri, 15 Jul 2005 17:15:54 GMT
Server: Apache/1.3.27 (Unix) mod_ssl/2.8.14 OpenSSL/0.9.7c
Set-Cookie: CGISESSID=7dbba2128ef418313c1316b6a76c2bf3; path=/
Connection: close
Content-Type: application/x-x509-ca-ra-cert
Content-Type indicates we have received CA and RA certificates.
01:49:24: CRYPTO_PKI: WARNING: A certificate chain could not be constructed while selecting
& nbsp; 01:49:24: CRYPTO_PKI: Error: Code 0x0000 while selecting self signed certificate
01:49:24: CRYPTO_PKI: WARNING: Certificate, private key or CRL was not found while verifying
01:49:24: CRYPTO_PKI: status = 324: failed to verify
01:49:24: CRYPTO_PKI: Unable to read CA/RA certificates.
01:49:24: %CRYPTO-3-GETCARACERT: Failed to receive RA/CA certificates.
01:49:24: CRYPTO_PKI: transaction GetCACert completed
GET /cgi-bin/scep/pkiclient.exe?operation=GetCACert&message=certifs HTTP/1.0
01:49:20: CRYPTO_PKI: http connection opened
% Error in receiving Certificate Authority certificate: status = FAIL, cert length = 0
BICIS(config)#
01:49:24: CRYPTO_PKI: HTTP response header: HTTP/1.1 200 OK
Date: Fri, 15 Jul 2005 17:15:54 GMT
Server: Apache/1.3.27 (Unix) mod_ssl/2.8.14 OpenSSL/0.9.7c
Set-Cookie: CGISESSID=7dbba2128ef418313c1316b6a76c2bf3; path=/
Connection: close
Content-Type: application/x-x509-ca-ra-cert
Content-Type indicates we have received CA and RA certificates.
01:49:24: CRYPTO_PKI: WARNING: A certificate chain could not be constructed while selecting
& nbsp; 01:49:24: CRYPTO_PKI: Error: Code 0x0000 while selecting self signed certificate
01:49:24: CRYPTO_PKI: WARNING: Certificate, private key or CRL was not found while verifying
01:49:24: CRYPTO_PKI: status = 324: failed to verify
01:49:24: CRYPTO_PKI: Unable to read CA/RA certificates.
01:49:24: %CRYPTO-3-GETCARACERT: Failed to receive RA/CA certificates.
01:49:24: CRYPTO_PKI: transaction GetCACert completed
All the posts i saw in the mailing list did not help me.
Please help me it's very urgent
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
Téléchargez le ici !
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
Téléchargez le ici !
