unable to delete identity certificta from cisco router

Discussion in 'Cisco' started by melvynbrown, May 14, 2012.

  1. melvynbrown

    melvynbrown

    Joined:
    Jul 31, 2007
    Messages:
    5
    i have configured a cisco router with the following configuration to practice obtaining
    certificates from a microsoft 2008 server configured as a stand alone CA.

    this part works okay but what i am trying to do next is giving me a headache
    i am trying to delete the identity certificate but am having no luck whatsoever

    interface FastEthernet0/0
    ip address 192.168.2.1 255.255.255.0
    ip nat outside
    no shut

    interface FastEthernet0/1
    ip address 192.168.1.1 255.255.255.0
    ip nat inside
    no shut

    access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255

    access-list 102 deny ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255
    access-list 102 permit ip 192.168.1.0 0.0.0.255 any

    hostname Purley
    ip domain-name acme.com

    crypto key generate rsa general-keys

    crypto ca trustpoint Purley
    enrollment terminal
    crl optional
    enrollment retry period 1
    enrollment retry count 10
    subject-name cn=purley.acme.com, ou=sales, o=acme ltd, l=purley, st=surrey, c=GB
    exit

    crypto ca authenticate Purley

    crypto ca enroll Purley

    crypto ca import Purley certificate

    crypto isakmp enable
    crypto isakmp identity hostname

    crypto isakmp policy 10
    authentication rsa-sig
    encryption 3des
    hash md5
    group 2
    lifetime 86400

    crypto ipsec transform-set BOSTON esp-3des esp-md5-hmac

    crypto map VPN 10 ipsec-isakmp
    set peer 192.168.2.2
    set transform-set BOSTON
    match address 101

    route-map nonat permit 10
    match ip address 102

    ip nat inside source route-map nonat interface FastEthernet0 overload

    ip route 0.0.0.0 0.0.0.0 192.168.2.2

    interface FastEthernet0/0
    crypto map VPN

    copy run start



    Purley#show crypto ca certificate
    Certificate
    Status: Available
    Certificate Serial Number: 61E0446A000000000002
    Certificate Usage: General Purpose
    Issuer:
    cn=WIN-SQV1ABKN6Q4-CA
    dc=ACME
    dc=COM
    Subject:
    Name: purley.acme.com
    cn=purley.acme.com
    ou=sales
    o=acme ltd
    l=purley
    st=surrey
    c=GB
    CRL Distribution Point:
    file://WIN-SQV1ABKN6Q4/CertEnroll/WIN-SQV1ABKN6Q4-CA.crl
    Validity Date:
    start date: 14:46:13 UTC May 14 2012
    end date: 14:56:13 UTC May 14 2013
    Associated Trustpoints: Purley

    CA Certificate
    Status: Available
    Certificate Serial Number: 222F01C2CED6A5B94F83A17D00339E6B
    Certificate Usage: Signature
    Issuer:
    cn=WIN-SQV1ABKN6Q4-CA
    dc=ACME
    dc=COM
    Subject:
    cn=WIN-SQV1ABKN6Q4-CA
    dc=ACME
    dc=COM
    Validity Date:
    start date: 12:48:03 UTC May 14 2012
    end date: 12:58:02 UTC May 14 2017
    Associated Trustpoints: Purley

    i entered the following commands on the router to delete the certificate
    but as you can see its telling me the certificate dosn't exist
    (this method of deleting the cert has come from Richard Deals
    complete cisco vpn configuration guide)


    Purley(config)#crypto ca certificate chain Purley
    Purley(config-cert-chain)#no certificate 61E0446A000000000002
    % Certificate not found.


    has anyone any ideas as i am stumpted

    Regards

    Melvyn brown

    ps the router is a 3640 running c3640-jk9o3s-mz.124-7.bin
     
    melvynbrown, May 14, 2012
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Voitec
    Replies:
    6
    Views:
    773
    Voitec
    Sep 12, 2004
  2. Scooter
    Replies:
    0
    Views:
    2,209
    Scooter
    Mar 3, 2005
  3. Lee Something

    Cannot Delete, (The Delete Key Won't Work)

    Lee Something, Oct 15, 2003, in forum: Computer Support
    Replies:
    13
    Views:
    7,860
    trout
    Oct 15, 2003
  4. Nigel Cullen
    Replies:
    1
    Views:
    4,861
    Bod43@hotmail.co.uk
    Apr 18, 2007
  5. jjoensuu
    Replies:
    0
    Views:
    918
    jjoensuu
    Oct 14, 2007
Loading...

Share This Page