collapse

Search


User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Author Topic: AutoEnrollment on Cisco IOS  (Read 16362 times)

ToX1c

  • Guest
AutoEnrollment on Cisco IOS
« on: October 03, 2013, 02:53:58 AM »
Hello!
I have 1 RootCA (Win 2008 R2 SP1 Standalone Root) and 2 Cisco Routers (3825 15.0(1)M6 and 2911 15.3T). I can enroll certificate for the first time with password from RootCA (this password never expired).
On Cisco Routers in trustpoint configuration I enter command auto-enroll 15 regenerate, but auto enrollment not working.
If I try manually to reenrol certificate (crypto pki enroll RootCA) in debug I see message:

CRYPTO_PKI: Begin shadow operation - skip current enrollment
PKI: Shadow state for MCSM1ROOT now NOSTATE
CRYPTO_PKI: Capabilites already obtained 80000004
PKI: Shadow state for MCSM1ROOT now NOT_SUPPORTED
CRYPTO_PKI: Setting renewal timers

Anybody knows how to resolve this problem?

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 401
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: AutoEnrollment on Cisco IOS
« Reply #1 on: October 03, 2013, 11:43:58 PM »
If you can enroll the first time, I assume the SCEP is working. One thing you might try is to disable the SCEP password completely on the Windows server registry.

 

Related Topics

  Subject / Started by Replies Last post
10 Replies
68867 Views
Last post November 10, 2013, 05:57:10 PM
by MC
5 Replies
27256 Views
Last post March 06, 2014, 09:09:03 AM
by EMMANUEL HADJOR
0 Replies
16960 Views
Last post February 12, 2014, 11:34:46 AM
by MC
1 Replies
20794 Views
Last post May 21, 2015, 10:39:00 PM
by MC
2 Replies
13693 Views
Last post January 09, 2017, 05:47:13 AM
by gvoden

SimplePortal 2.3.7 © 2008-2024, SimplePortal