Руководство По Устранению Ошибки для Cisco Cisco ASA for Nexus 1000V Series Switch
cn=Symantec Class 3 Secure Server CA - G4
,ou=Symantec Trust Network,o=Symantec
Corporation,c=US, issuer name: cn=VeriSign Class 3 Public Primary Certification Authority
- G5,ou=(c) 2006 VeriSign\, Inc. - For authorized use only,ou=VeriSign Trust Network,
o=VeriSign\, Inc.,c=US .
For further information, run these debugs while you attempt another registration. Secure Socket
Layer errors are seen.
Layer errors are seen.
certificate serial number: 250CE8E030612E9F2B89F7058FD, subject name:
cn=VeriSign Class 3 Public Primary Certification Authority - G5,ou=(c) 2006 VeriSign\, Inc.
- For authorized use only,ou=VeriSign Trust Network,o=VeriSign\, Inc.,c=US, issuer name:
Certificate validation failed. No suitable trustpoints found to validate
certificate serial number: 513FB9743870B73440418699FF, subject name:
cn=Symantec Class 3 Secure Server CA - G4
,ou=Symantec Trust Network,o=Symantec
Corporation,c=US, issuer name: cn=VeriSign Class 3 Public Primary Certification Authority
- G5,ou=(c) 2006 VeriSign\, Inc. - For authorized use only,ou=VeriSign Trust Network,
o=VeriSign\, Inc.,c=US .
Specifically, this message is seen as part of that output:
certificate serial number: 250CE8E030612E9F2B89F7058FD, subject name:
cn=VeriSign Class 3 Public Primary Certification Authority - G5,ou=(c) 2006 VeriSign\, Inc.
- For authorized use only,ou=VeriSign Trust Network,o=VeriSign\, Inc.,c=US, issuer name:
Certificate validation failed. No suitable trustpoints found to validate
certificate serial number: 513FB9743870B73440418699FF, subject name:
cn=Symantec Class 3 Secure Server CA - G4
,ou=Symantec Trust Network,o=Symantec
Corporation,c=US, issuer name: cn=VeriSign Class 3 Public Primary Certification Authority
- G5,ou=(c) 2006 VeriSign\, Inc. - For authorized use only,ou=VeriSign Trust Network,
o=VeriSign\, Inc.,c=US .
In the default ASAv configuration, there is a trustpoint called _SmartCallHome_ServerCA that has
a certificate loaded and issued to the subject name "cn=Verisign Class 3 Secure Server CA - G3".
a certificate loaded and issued to the subject name "cn=Verisign Class 3 Secure Server CA - G3".
ASAv# show crypto ca certificate
CA Certificate
Status: Available
Certificate Serial Number: 6ecc7aa5a7032009b8cebc2d491
Certificate Usage: General Purpose
Public Key Type: RSA (2048 bits)
Signature Algorithm: SHA1 with RSA Encryption
Issuer Name:
cn=VeriSign Class 3 Public Primary Certification Authority - G5
ou=(c) 2006 VeriSign\, Inc. - For authorized use only
ou=VeriSign Trust Network
o=VeriSign\, Inc.
c=US
Subject Name:
cn=VeriSign Class 3 Secure Server CA - G3
ou=Terms of use at https://www.verisign.com/rpa (c)10
ou=VeriSign Trust Network
o=VeriSign\, Inc.
c=US
OCSP AIA:
URL: http://ocsp.verisign.com
CRL Distribution Points:
[1] http://crl.verisign.com/pca3-g5.crl
Validity Date:
start date: 00:00:00 UTC Feb 8 2010
end date: 23:59:59 UTC Feb 7 2020
Associated Trustpoints: _SmartCallHome_ServerCA