Cisco Bug: CSCtf24991 - RSA keys are not syncronized through failover in Multi-Context Mode
Nov 08, 2016
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: When importing an ID (device) certificate on an active ASA in multi-context mode, the certificate fails to show up in the standy ASA's config. A corresponding message similar to: "ERROR: Public key contained in the device certificate doesn't match the device's public key bxb2008-SAN4 configured for trustpoint bxb2008-SAN4." may appear. It may also be observed that when the primary ASA is rebooted and comes up in standby mode, the certificate is no longer present in the running config or that the certificate never appears on the standby ASA. Conditions: Multi-context mode, importing/requesting a certificate with an RSA key that was created on the ASA.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases