ASA 8.4 and win 2008 ca problem

Discussion in 'Cisco' started by binelipetrov, Feb 23, 2011.

  1. binelipetrov

    binelipetrov

    Joined:
    Feb 23, 2011
    Messages:
    1
    Hi,

    we have a problem with authenticating to the trustpoint for CA on WIn 2008 Enterprise machine. Enrollment url
    enrollment url http://CAWin2008/certsrv/mscep_admin/

    We are getting following error
    ERROR: receiving Certificate Authority certificate: status = FAIL, cert length = 0
    ASA(config)# Content-Type indicates we did not receive a certificate.

    after trying to authenticate.

    After checking wireshark files on Win2008 machine, we noticed that WIN2008 are sending specific HTTP 401 'unaothorized:access is denied due to invalid credentials. You do not have permission to view this directory or page using the credentials that you supplied.' error, it is like CA and their IIS service is trying to authenticate ASA but ASA does not send any credentials.

    Is anybody familiar with this problem and how we can solve it?

    Vladimir
     
    binelipetrov, Feb 23, 2011
    #1
    1. Advertising

  2. binelipetrov

    spop

    Joined:
    May 28, 2011
    Messages:
    1
    spop, May 28, 2011
    #2
    1. Advertising

  3. binelipetrov

    Roee Kasir

    Joined:
    Sep 4, 2013
    Messages:
    1
    Can not get Certificate


    Hi

    I have a similiar issue to get a certificate from microsoft CA server on windows 2008 server .
    I am trying to get the Certificate using Cisco Router 3825 and receive :



    R2(config)#crypto ca authenticate dialogic-S444802-CA
    % Error in receiving Certificate Authority certificate: status = FAIL, cert length = 0
    R2(config)#
    Sep 4 13:12:50.335: CRYPTO_PKI: Sending CA Certificate Request:
    GET /certsrv/mscep/mscep.dll/pkiclient.exe?operation=GetCACert&message=dialogic-S444802-CA HTTP/1.0
    User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Cisco PKI)
    Host: 192.168.4.150

    Sep 4 13:12:50.335: CRYPTO_PKI: locked trustpoint dialogic-S444802-CA, refcount is 1
    Sep 4 13:12:50.335: CRYPTO_PKI: can not resolve server name/IP address
    Sep 4 13:12:50.335: CRYPTO_PKI: Using unresolved IP Address 192.168.4.150
    Sep 4 13:12:50.335: CRYPTO_PKI: http connection opened
    Sep 4 13:12:50.335: CRYPTO_PKI: Sending HTTP message
    Sep 4 13:12:50.335: CRYPTO_PKI: Reply HTTP header:
    HTTP/1.0
    User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Cisco PKI)
    Host: 192.168.4.150

    Sep 4 13:12:50.335: CRYPTO_PKI: unlocked trustpoint dialogic-S444802-CA, refcount is 0
    Sep 4 13:12:50.335: CRYPTO_PKI: locked trustpoint dialogic-S444802-CA, refcount is 1
    Sep 4 13:12:50.835: CRYPTO_PKI: unlocked trustpoint dialogic-S444802-CA, refcount is 0
    Sep 4 13:12:50.835: CRYPTO_PKI: Reply HTTP header:
    HTTP/1.1 404 Not Found
    Server: Apache-Coyote/1.1
    Content-Type: text/html;charset=utf-8
    Content-Length: 1066
    Vary: Accept-Encoding
    Date: Wed, 04 Sep 2013 10:12:57 GMT
    Connection: close
    Content-Type indicates we did not receive a certificate.
    Sep 4 13:12:50.835: CRYPTO_PKI: transaction GetCACert completed


    My Router configuration for trustpoint is :

    crypto pki trustpoint dialogic-S444802-CA
    enrollment retry count 5
    enrollment retry period 3
    enrollment url
    ip-address 192.168.4.150
    revocation-check none

    I really apreciate your assitance and Pls let me know which knowledge is missing .

    thaanks
    Roee
     
    Roee Kasir, Sep 4, 2013
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Neil
    Replies:
    1
    Views:
    2,337
    Gabriel Méndez
    Apr 29, 2008
  2. alexd
    Replies:
    4
    Views:
    1,761
    bod43
    Jan 24, 2009
  3. Pincopallino

    MCSA Win Server 2003 - Win Server 2008

    Pincopallino, Oct 10, 2007, in forum: MCDST
    Replies:
    1
    Views:
    491
    Montreal MCT
    Oct 10, 2007
  4. Dominick

    Win Server 2008 R2 RC and SuperFetch

    Dominick, Jun 7, 2009, in forum: Windows 64bit
    Replies:
    0
    Views:
    720
    Dominick
    Jun 7, 2009
  5. Eric Vogel

    Cannot Install WIn Server 2008 R2 x64 in Win 7

    Eric Vogel, Sep 3, 2010, in forum: Windows 64bit
    Replies:
    3
    Views:
    1,002
    Eric Vogel
    Sep 5, 2010
Loading...

Share This Page