[cisco-voip] IOS crypto pki certificate pool

Brian Meade bmeade90 at vt.edu
Tue May 1 09:31:29 EDT 2018


Is it running CME with CAPF configured?

On Mon, Apr 30, 2018 at 11:44 PM, James Andrewartha <
jandrewartha at ccgs.wa.edu.au> wrote:

> Hi voipers,
>
> Has anyone seen an issue where a router will fail to load its config
> after a reboot because of "crypto pki certificate pool" configuration
> that is somehow automatically downloaded? It is annoyingly repeatable
> for me, I have to connect via serial console because all the IP config
> is after the certificates. The routers are 2921 running
> C2900-UNIVERSALK9-M, 15.3(3)M4, RELEASE SOFTWARE (fc2). After restoring
> the config, the certificates are redownloaded after a week or so.
>
> The first new lines (from the rancid diff) are:
>
>   crypto pki certificate pool
> +  certificate ca 01
> +   30820335 3082021D A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
> +   3C310B30 09060355 04061302 55533116 30140603 55040A13 0D436973 636F2053
>
> Thanks,
>
> --
> James Andrewartha
> Network & Projects Engineer
> Christ Church Grammar School
> Claremont, Western Australia
> Ph. (08) 9442 1757
> Mob. 0424 160 877
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180501/031f1efd/attachment.html>


More information about the cisco-voip mailing list