I did creat my first trust-point on my corporat Cisco ASA 5520 firewall then i successfully get my CA certificate from my microsoft Root CA in the enterprise via MSCEP, then i did try to enroll the Identity Certificate with the same trust-point, the request showed up in the pending request container in the CA, i did issue the command "show crypto ca certificates <trustpoint-name> "on the CLI of the ASA, i saw info about my CA certificate and the RA certoficate and the certificate request of the identity certificate showed a pending status, then i approved the pending request on the CA pending request container then it showed up in the issued certificates container, BUT!! the problem is when i did issue the command "show crypto ca certificates <trustpoint-name> "on the CLI of the ASA back again i just saw the info of the CA certificate nothing else, and when i issued the command "show run" on the CLI i saw this portion " crl configure
crypto ca certificate chain CcsCert
certificate ca 051268897aa1fcb048e56f58818cc231
3082045f 30820347 a0030201 02021005 1268897a a1fcb048 e56f5881 8cc23130
0d06092a 864886f7 0d010105 0500303e " notice: i just typed a portion of the public key :) " , it is the public key of the CA, i dont know why i couldnt get the identity certificate, even i dont know if i got it but it just doesnt show up.
June 4, 2008 12:17 PM
June 4, 2008 12:26 PM