Guest

Preview Tool

Cisco Bug: CSCsg31458 - PKI: cannot enter url with more than one '?'

Last Modified

Nov 09, 2016

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

7.2(1.13)

Description (partial)

Symptom:
Some urls used for CRL retrieval require entering multiple question marks "?" to be included (particularly ldap urls).  Currently the ASA doesn't allow mutliple '?' to be entered even when preceeding them with CTRL+V and reports "invalid url" when entering them.

Conditions:
Using and configuring PKI/Digital Certificates sometimes requires the configuration of static CRL retrieval URL's, some of which contain multiple quesiton marks.    Currently ASA doesn't allow them and reports an "invalid url" error.
CLI:
crypto ca trustpoint <name>
  crl configure
    url 1 ldap://myca/test?crl?revocationList
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.