This is primarily for sslvpn type stuff first off.
I use startssl.com for certs etc. They great, they're free for the common stuff and browsers recognise them. All in all they rock. Thanks startssl.com
Importing the cert so I can use it on the router. Seems simple but there are some gotchas.
StartSSL give you a private key..
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
and a public key
First gotcha all they guides i've seen are old and say
crypto ca import
Most new IOS use instead
Second big gotcha is the IOS doesn't do AES. So see in the private key, 3rd line it has AES we need to convert that.
It's easy if you have a Mac or a Linux box. With windows you need to install openssl.
Save your private key on your Desktop as oldkey.pem, open the terminal and type
openssl rsa -in Desktop\oldkey.pem -out Desktop\newkey.pem -des3
Open the newkey.pem file and your public key and download the CA certificate for your provider. They'll have a link in FAQs etc.
Log into the router, enable etc and go to config t.
To be continued
I was playing with this a while back and it didn't work and got forgotten about but this time I dug into it further. There are lots of...
This is something that caught my interest a few years ago and has been sitting in the garage churning out tiny fractions of a bitcoin regula...
This one might save someone some searching :-) I can't remember when it started happening but the UserEventAgent process started using...
We still see this one occasionally. Had one case where we needed to get a policy on but couldn't reboot the firewall. So, tried a few ...