[FW1] need certificate manager advice!!!

[michael slavinsky <mslavin21@hotmail.com>]

If somebody has done this before please let me know what I'm doing wrong:

I have the Certificate Manager (Netscape Directory Server 3.0, AMC, Entrust 
CA) loaded on an NT machine, and my management server and pfm are both on an 
AIX box.    According to the VPN-1 documentation (page 46) when using 
ISAKAMP/OAKLEY with public keys you need to generate a public key which 
results in a key pair being generated and sent to the CA.  Every time I try 
and generate a key pair for me pfm, which happens to be my securemote server 
I get a "security protocol failure".   What the heck am I doing wrong???   
The Reference number and Auth. code that I input is generated when I create 
a certificate via the AMC for the pfm, and I've already enable, via the 
fwconfig script the Entrust PKI option so what is happening?   Is the pfm 
failing to communicate with the CA? or is it failing all the way to the CA?  
   Maybe I'm just not doing this the correct way.   The documentation 
basically sucks!, but at least it's better than the 3.0 docs 
were....anybody's help is appreciated.   Mike

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================