Hi all,
I am having trouble with obtaining with getcacert on a Cisco ASA 55xx.
Currently:
1. The SSCEP query tool at http://www.klake.org/~jt/sscep/ ran from
localhost works fine. I obtain the digital certificate and certificate
sign.
2. From the apache debug, I see the request come in from the apache log:
192.168.1.1 - - [29/Jul/2010:16:41:04 -0400] "GET
/cgi-bin/scep/pkiclient.exe?operation=GetCACert&message=CAIdentifier
HTTP/1.0" 200 2068 "-" "-"
3. A packet capture from the 192.168.1.2 (CA server) reveals the ca-ra-cert
is sent, from the best of my abilities of viewing.
4. I turned debuging on the asa 55xx router, see the request go out, but
get a fail, cert length =0. extract and certs failed (1795) According to
cisco documentation, this possibly indicates a parsing error? Is there a
field in the certificate that a Cisco Router will not support that openssl
may be including?
Any crumbs would be most appreciate.
Regards and thanks,
Jonathan
------------------------------------------------------------------------------
The Palm PDK Hot Apps Program offers developers who use the
Plug-In Development Kit to bring their C/C++ apps to Palm for a share
of $1 Million in cash or HP Products. Visit us here for more details:
http://p.sf.net/sfu/dev2dev-palm
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
