Figure 12-25 – Cisco VPN 3002 User Manual
Page 149
12-23
VPN 3002 Hardware Client Reference
OL-1893-01
Chapter 12 Administration
Certificate Management
Figure 12-25 Administration | Certificate Management | Enroll | Identity Certificate | SCEP Screen
Step 5
Fill in the fields and click Enroll. (For information on the fields on this screen, see
.) The
VPN 3002 sends the certificate request to the CA.
If the CA does not issue the certificate immediately (some CAs require manual verification of credentials
and this can take time), the certificate request could enter polling mode. In polling mode, the VPN 3002
re-sends the certificate request to the CA a specified number of times at regular intervals until the CA
responds or the process times out. (For information on configuring the polling limit and interval, see the
Administration | Certificate Management | Configure CA Certificate
screen.) The certificate request
appears in the Enrollment Status table on the Administration | Certificate Management screen until the
CA responds. Once the CA responds and issues the certificate, the VPN 3002 checks to see if it already
has an active certificate. If there is no active certificate, the VPN 3002 installs the new certificate
automatically. If there already is an active certificate, the new certificate appears in the Enrollment
Status table; you have to activate it manually.
If the CA responds immediately, the Manager installs the identity certificate on the VPN 3002 and
displays the Administration | Certificate Management | Enrollment | Request Generated screen.
(See