It was the actual CA. It would have been the same CSR (I guess) as I
just generated the PEM from the one that's currently in place. From what
it looks like in Cisco's TAC instructions, you have to generate a new
request by creating a new temporary cert. Not a tough solution but a
serious pain in the patootie, I don't mind saying...

:)

- Sean

----

Sean Hennessey

Networking and Information Security Systems Administrator

The University of Portland


-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Nathaniel Austin
Sent: Wednesday, July 09, 2008 1:41 PM
To: [log in to unmask]
Subject: Re: Cert Question

Interesting. Is it CCA saying that the CSR was previously used, or the 
actual CA saying that?

I'm pretty sure I've done it on a Microsoft CA before, but have never 
tried it with an external CA. Maybe the CSR is the same as it was last 
time you asked for a cert from them and so they reject it.

Nate