LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

October 2009

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS October 2009

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: CLEANACCESS Digest - 26 Oct 2009 to 27 Oct 2009 (#2009-178)
From:	Jeremy Wood <[log in to unmask]>
Reply To:	Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:	Wed, 28 Oct 2009 20:10:49 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (74 lines)

We commonly see this when the time/date on the computer isn't correct
or in a few cases the computer didn't have any root certificates
installed. I don't think I have had any instances where I needed to
turn off CRL checking in IE. I'd verify these things first.

--Jeremy

On Wed, Oct 28, 2009 at 17:41, Aaron Abitia <[log in to unmask]> wrote:
> Thanks...we are using Thawte certs...from a couple other responses in this
> thread, it looks like this is probably another facet of a known Cisco bug
> that affects Vista, even though my machine in question is XP and other CCA
> admins have seen this same issue on XP too.
>
> http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsy37405
>
> -Aaron
>
> On Wed, Oct 28, 2009 at 8:30 AM, Daniel Sichel <[log in to unmask]>
> wrote:
>>
>> >Hello folks,
>> >
>> >I have a Windows machine running XP Pro/Home that is getting a message
>> >intermittently when logging in.  The message displays after the Agent
>> pops
>> >up and the user hits "enter" to login.  It is, "Revocation information
>> for
>> >the security certificate for this site is not available.  Do you want
>> to
>> >proceed?"  If the user hits "yes", then go on as normal with the login
>> and
>> >can get on the network.  If the user hits "view certificate", they can
>> view
>> >the certificate information from our CCA server and has the option to
>> hit a
>> >button to "install certificate", which they did only most recently,
>> then
>> >they can get on the network as well.  At no time has the user not been
>> able
>> >to get on the network. We have valid certs installed, and this message
>> >doesn't happen everytime, only sometimes.  Just trying to ascertain
>> what the
>> >message means and why it happens when it does...I know that the Agent
>> uses
>> >cert information from installed browsers on a machine, but why does
>> this
>> >message come up on this machine and not all the others, is the
>> question.
>> >Why did the user get asked this one time and not all the other times
>> that
>> >they logged in?  It seems to come and go.  Cisco has provided me info
>> on how
>> >to make it go away, so that part is fine, but I'm looking for the "why"
>> >part.  Many thanks for any insight.
>> >
>>
>> If you are using Windows Server(s) for your trusted root cert server, go
>> to the manager and tell it to publish revocation information. I had this
>> exact issue and nobody could log in. For some reason the windows
>> revocation publication stops from time to time.
>>
>> Dan Sichel
>> Ponderosa Telephone
>
>
>
> --
> Aaron Abitia
> Network Analyst
> Network Administration, ITS
> Cal Poly State University
> Tel: 805.756.1295
>

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU