peer certificate null

Document created by cdnadmin on Jan 25, 2014
Version 1Show Document
  • View in full screen mode
This document was generated from CDN thread

Created by: Qassim BADAT on 25-11-2013 07:20:07 AM
Getting below error when connecting to element without client certificate authentication, maybe a missing config somewhere ?  can i run onepk apps without TLS ?

Failed to connect to network element: errorcode = 7, errormsg = connection to network element failed: Fail to connect to Peer certificate NULL!

Followed this steps:
configure terminal
ip http server
crypto pki server cs-label
database level minimum
grant auto
no shutdown

crypto pki export cs-label pem terminal

----after that cut & pasted” directly from the CA Router into a file nerootca.pem on my tutorial directory
--then run:
cisco@onepk:~/cisco/onep/c64/sample-apps/HelloNetwork$ bin/HelloNetwork -a -u lab -p lab123

configs of the router is: (ATTACHED)

---show cli---
Router#sh onep status Status: enabledVersion: 1.1.0Transport: tcp; Status: disabledTransport: tls; Status: running; Port: 15002; localcert: default; client cert validation disabledTransport: tipc; Status: disabledSession Max Limit: 10CPU Interval: 0 secondsCPU Falling Threshold: 0%CPU Rising Threshold: 0%History Buffer: EnabledHistory Buffer Purge: OldestHistory Buffer Size: 32768 bytesHistory Syslog: DisabledHistory Archived Session: 0History Max Archive: 16
Service Set: Base               State: Enabled     Version 1.1.0Service Set: Vty                State: Disabled    Version 0.1.0Service Set: Mediatrace         State: Disabled    Version 1.0.0

Subject: RE: peer certificate null
Replied by: Joseph Clarke on 25-11-2013 08:42:27 AM
Nothing was attached.  When you run the app, you also need to pass the -R option to specify where to find the root cert.  It doesn't look like you did this, and that's why the NULL error occurs.