Set The Ldap Keyring Certificate - Cisco Firepower 4110 Preparative Procedures & Operational User Manual

Cisco Preparative Procedures & Operational User Guide
Checking CDP in peer certificate
chain
CDP checking for Root CA
certificate of the peer certificate
chain
Any certificate validation failure
in the peer certificate chain
Any certificate revoked in the
peer certificate chain
One CDP is missing the peer
certificate chain
One CDP CRL is empty in the
peer certificate chain with valid
signature
Any CDP in the peer certificate
chain cannot be downloaded
Certificate has CDP, but the CDP
server is down
Certificate has CDP, server is up,
and CRL is on CDP, but the CRL
has an invalid signature
4.4.11

Set the LDAP Keyring Certificate

Use the following procedure to set a secure LDAP client keyring certificate in order to support a TLS
connection on your FXOS chassis.
1) From the FXOS CLI, enter the security mode:
scope system
scope security
2) Enter the LDAP mode:
scope ldap
3) Enter the LDAP server:
enter server server_ip
4) Set the LDAP keyring:
set keyring keyring_name
5) Commit the configuration:
commit buffer
© 2016 Cisco Systems, Inc. All rights reserved.
Full certificate chain
Yes
Connection fails with syslog
message
Connection fails with syslog
message
Connection succeeds
Connection succeeds
Connection succeeds
Connection succeeds
Connection succeeds
Full certificate chain
Not applicable
Connection fails with syslog
message
Connection fails with syslog
message
Connection succeeds
Connection succeeds
Connection succeeds
Connection succeeds
Connection succeeds