Guest

Cisco 2800 Series Integrated Services Routers

Install Trusted Authority Certificates on Cisco IOS Routers for Trend URL Filtering Support

Document ID: 81717

Updated: Apr 20, 2007

   Print


Contents

Introduction
Prerequisites
     Requirements
     Components Used
     Conventions
Install the Certificate
Manual Installation

Related Information

Related Cisco Support Community Discussions


Introduction

In order to make use of Trend Micro's URL Filtering trial licenses or Trend Micro's URL Filtering paid subscription license from Cisco, a subordinate certificate must be configured on the router.  This subordinate certificate is used by the router to ensure that communication occurs with the appropriate Trend servers.

This document helps you to install a Secure Socket Layer (SSL) subordinate certificate for Trend Micro's URL Filtering support automatically by the use of the Secure Device Provisioning tool (formerly known as the Easy Secure Device Deployment (EZSDD) tool). EZSDD is an integrated solution to streamline VPN and network security deployment. It offers a simple web-based enrollment and configuration-bootstrap interface.

Prerequisites

Requirements

This web page can automatically facilitate the installation of the subordinate certificate if these conditions are met.

  • The PC that you use to view this page must have network connectivity to the router in which the subordinate certificate is to be installed.
  • The management IP address of the router must be known and entered as requested in this web page.
  • The admin user name and password must be known and entered when requested.

With the assumption that these requirements are met, the subordinate certificate is installed automatically with the use of this tool. On the other hand, the certificate can also be downloaded from here and installed manually:

Note: A proxy server is a device that functions as an intermediary between a web browser (such as Internet Explorer) and the Internet. Proxy servers help improve web performance by storing a copy of frequently used web pages. When a browser requests a web page stored in the proxy server's collection (cache), it is provided by the proxy server, which is faster than going to the web. Certain proxy configurations can affect the use of this tool. Verify that you do not have proxy services enabled in your browser when you use this tool/web site to deploy the certificate to the router.

Conventions

Refer to Technical Tips Conventions for more information on document conventions.

Install the Certificate

Enter the Router's IP address in this form and click Submit.

AV Firewall Device Provisioning


Enter Device IP Address


Manual Installation

The Manual Certificate Enrollment (TFTP and Cut-and-Paste) feature allows users to generate a certificate request and accept certification authority (CA) certificates as well as the router's certificates. These tasks are accomplished via a TFTP server or manual cut-and-paste operations. Refer to Manual Certificate Enrollment (TFTP and Cut-and-Paste) in order to obtain step-by-step instructions on how to manually install a certificate on your Cisco IOS router.

Determine Platform Support Through Cisco Feature Navigator

Cisco IOS software is packaged in feature sets that are supported on specific platforms. In order to get updated information related to platform support for this feature, access the Cisco Feature Navigator. Cisco Feature Navigator dynamically updates the list of supported platforms as new platform support is added for the feature.

Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or release. Under the release section, you can compare releases side by side to display both the features unique to each software release and the features in common.

In order to access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check verifies that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password are e-mailed to you. Qualified users can establish an account on Cisco.com from this page:

http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp

Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page.


Related Information



Updated: Apr 20, 2007
Document ID: 81717