Hi,
When you first configure a trustpoint, the next thing you will do is manually enroll and authenticate the CA to itself with the standard procedures.
crypto pki authenticate <trustpoint>
crypto pki enroll <trustpoint>
Once the CA has successfully authenticated and enrolled, the certificate will then be stored on the router's local storage.
Question:
- If the router reloads, basically it will use the certificate installed on local storage, and the router doesn't do automatic authentication and enrollment on its reboot?
- So this means that if the certificate is still valid for a period of time, then we don't need to repeat the manual auth/enroll process?
- During troubleshooting, would you recommend re-authenticating or re-enrolling to the trustpoint? If yes, what would be its advantage? If no, what would be the risk of repeating the process?
- In what instance should we repeat the manual auth/enroll process?
Thank you