[afnog] [c-nsp] Cisco ACS Release 3.2(3) Build 11

John Gitau JGitau at Safaricom.co.ke
Thu Sep 29 08:05:48 EAT 2005


Scott,

> Are you trying to put the cert up using FTP?
> 
> If so, are you by chance using Anonymous user account for FTP?
> 
> If so, don't.  I had the exact same issue.  It looked like 
> the cert loaded, and never really did... after trial and 
> error, I discovered that it didn't like the fact that I was 
> using an anonymous ftp account on my ftp server... 
> go figure!  I used a real account and it let me download it.  
> The TAC said it wouldn't use the usernames anonymous or ftp.

I managed to fix it. And yes at some point I had to change the FTP servers. 
I never used anonymous FTP at any point and no, that's not what solved the 
problem for me in the end. It appears all the certificates I was generating 
Using microsoft or unix tools were okay for anything else including apache, 
IIS, and anything else I use that uses certificates. 

I just got lucky. It just so happened that we had ordered for a Cisco secure 
ACS engine running release 3.3. that was somewhere in a box. This one generates 
self signed certificates. So I created one from the new ACS, uploaded it to FTP 
then downloaded it onto the old ACS running 3.2. That worked. Now Im just going 
through the two certificates to see what the major differences in the format are, 
with so many tools available to convert from one format to another I don't think 
this will be a problem for me any more - well at least it wont take me two days 
to sort out:-)

Thank you.

+----------------------------+
| +-----+ Highly Enhanced    | 
| |-O-O-| Portrait of:       | 
| |  &  | John Gitau,        | 
| | --- | Network Analyst    | 
| +-----+ Safaricom LTD	     |
|        +254 427 3073       |
|	 +254 724 988 226      | 
+----------------------------+ 





More information about the afnog mailing list