|Applies To||Keon Certificate Authority 6.0.2|
Keon Registration Authority 6.0.2
Microsoft Windows 2000 Advanced Server SP2
Cisco VPN Client 3.0.x
|Issue||Unable to enroll to the KRA from a Cisco VPN Client on Linux|
Certificate Request never reaches KCA
Cisco Error log reports: "Failure on: CEP response VERIFY."
KCA logs show "uploading of certificate to client failed: [XrcNOTFOUND: unable to locate requested member or object]; certificate presented: none"
|Cause||Challenge password was not entered on the Cisco VPN Client. You must enter a challenge password during Cisco VPN Client certificate enrollment process. The passphrase is distinct from the password that secures the certificate store.|
|Resolution||The Cisco VPN Client 3.6 for Linux does not prompt for a password when using the interactive shell script for enrollment. You must use the command line with the -chall <challenge_phrase> command line parameter.|
See the following Web page:
for more details on the command line options.
|Legacy Article ID||a14712|