> We will secure by having the root CA off-line and walking
> the ROOT Cert to the RA. Also, the CA cert will remain
> pending until the security admin issues it to the router.
You should note that IOS currently doesn't currently support
cert chaining (subordinate CAs). I learned this the hard way.
TAC tells me, however, that DE is testing two-level hierar-
chies and that they expect it to ship with 12.1(4)T or maybe
first with 12.2.
HTH,
-A
--
Heroes: Vint Cerf & Bob Kahn, Leonard Kleinrock, Robert Metcalfe
Links : http://www.hojmark.org/networking/
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
