Manualshelf

Troubleshooting guide

ManualsBrandsCisco ManualsComputer equipmentWide Area Virtualization Engine 274
301302303304305306307308309310
1-32
Cisco Wide Area Application Services Configuration Guide
OL-26579-01
Chapter 1 Configuring Other System Settings
Managing WAAS Express Devices
waas-express(ca-trustpoint)#enrollment terminal pem
waas-express(ca-trustpoint)#exit
waas-express(config)#crypto pki authenticate wcm
Enter the base 64 encoded CA certificate.
End with a blank line or the word “quit” on a line by itself
Step 6 Paste in the certificate that you copied from the Central Manager in Step 3.
Configuring a WAAS Express Device Certificate
The WAAS Express device needs a certificate that is requested by the Central Manager when
establishing HTTPS communication. This procedure describes how to configure a persistent self-signed
certificate on the router, but you can also use a CA signed certificate.
To configure a WAAS Express device certificate, follow these steps:
Step 1 Log in to the WAAS Express device CLI.
Step 2 Create a self-signed certificate on the router:
Note Due to CSCsy03412, you must configure ip domain name name before enrolling the certificate.
If you do not configure ip domain name, IOS regenerates the self-signed certificate upon reload
and this affects the communication with the WAAS Central Manager.
waas-express#config t
Enter configuration commands, one per line. End with CNTL/Z.
waas-express(config)#crypto pki trustpoint local
waas-express(ca-trustpoint)#enrollment selfsigned
waas-express(ca-trustpoint)#subject-alt-name routerFQDN
waas-express(ca-trustpoint)#exit
waas-express(config)#crypto pki enroll local
% Include the router serial number in the subject name? [yes/no]: yes
% Include an IP address in the subject name? [no]: yes
Enter Interface name or IP Address[]: 10.10.10.25
Generate Self Signed Router Certificate? [yes/no]: yes
Router Self Signed Certificate successfully created
If the WAAS Express device certificate changes after the WAAS Express device is registered with the
Central Manager, you must reimport the certificate into the Central Manager. For details, see the
“Reimporting WAAS Express Certificate” section on page 1-34.
Enabling the HTTP Secure Server on the WAAS Express Device
The Central Manager and a WAAS Express device communicate using the HTTPS protocol. You must
enable the HTTP secure server on the WAAS Express device.
To enable the HTTP secure server, follow these steps: