[Pki-users] Dogtag and certificate VPN
Andrew Wnuk
awnuk at redhat.com
Thu Oct 11 16:34:08 UTC 2012
Hi Nick,
Dogtag and RHCS have been tested with Cisco ASA 5100 in the past. CA
tests successfully issued certificates to Cisco ASA 5100 router via SCEP
protocol. However, router's bug
<https://bugzilla.redhat.com/show_bug.cgi?id=505200>was discovered
during this testing showing that router does not generates keys with
proper parity. This issue occurs only when CA is connected to NetHSM
since NetHSM rejects keys without proper parity. If you are experiencing
this issue, you may search Cisco software updates for a fix.
Thank you,
Andrew
On 10/11/2012 07:20 AM, Ritter, Nicholas wrote:
>
> Is anyone using, or has tested, Dogtag with certificate based VPN? And
> more specifically with Cisco ASA Anyconnect and IPSEC VPN?
>
> I searched through the dogtag mailing list archive and the Cisco
> forums and found someone tried to do this in 2010 and had problems
> that I can only assume there was no resolution to. The last posting I
> saw was someone giving the blanket vendor reason of "Cisco does not
> support that CA". Given that there has not been a posting since, and
> that was two years ago, I was curious if anyone had tested/implemented it?
>
> Nick
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20121011/1ee6638c/attachment.htm>
More information about the Pki-users
mailing list