Chapter 4. Troubleshooting

This chapter focuses on the steps you can use to troubleshoot a PKI-related problem. The intent is not to provide an exhaustive list of possible issues, but rather to teach you how to approach the problem and narrow down the possible failure cause. In some instances, assistance from Cisco TAC is ultimately be required, but by identifying failure points as precisely as possible, you might resolve issues without assistance.

This chapter is divided into three sections that map the lifetime of the certificate:

Keying Material Generation

Enrollment Process

Certificate Use and Validation

The examples are given for Cisco IOS-based devices but are applicable to other components such as Cisco ASA Firewalls.

Keying Material ...

Get PKI Uncovered: Certificate-Based Security Solutions for Next-Generation Networks now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.