Peter Sylvester wrote:
Besides this, the protocol description itself demonstrates a very
interesting knowledge of HTTP. :-(
The hard coded URL cgi-bin/pkiclient.exe is not the worst part.
Which Cisco themselves seem to ignore. You can give an optional path to
the URL on the PIX, although it
Charles B Cranston wrote:
So, am I right that OpenSSL has the means to make these PKCS7 files
and the only new code development would be a network program to open
connections and send and receive the appropriate stuff?
Yes. The hardest part (and it isn't that hard) is assembling /
disassembling
Charles B Cranston wrote:
Sorry for my ignorance, could you post a reference to SCEP? What would
it take to manhandle a standard certificate into this format? Or is it
a lot more difficult than that?
SCEP is a standard proposed by Cisco (Simple Certificate Enrollment
Protocol) see http://www.ci
[EMAIL PROTECTED] wrote:
I'm assuming you mean a Pix Firewall version 6.3.x. I don't think there is a
way to get a certificate onto a Pix, as the "ca" commands can only create
certificates.
The only way to get a cert is via SCEP. There are only a handful of CAs
that support SCEP, and no open
Sly Upah wrote:
Is anyone using openssl with Cisco VPN gadgets? I could use some instructions
(anything on the web?) with the steps involved in setting up our own CA to
test the possibilty of this. I have setup a self-signed root CA. But, what to
do next is a little unclear. Cisco's use of the ter
[EMAIL PROTECTED] wrote:
> Which macros are these? I received 30 mails also and didn't sent
> anything.
> I'm subscribed to other mailing lists and never had this problem. And today
> I've already had 4 copies of some mails.
>
Count yourself lucky. On Sunday I got over 300 copies each o