Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
763
Views
0
Helpful
1
Replies

Export private key from PIX

siarhei
Level 1
Level 1

‎09-08-2007 12:00 PM

Hi,

I am upgrading from PIX 515 to ASA 5520 and I need to export the private keys generated on PIX with command `crypto key generate rsa` to ASA. That's because I want to reuse on ASA the certificate generated by CA for PIX. Is there a way to acomplish this task other then re-generate new keypair on ASA and re-enroll it on CA? Please advise.

Labels:
0 Helpful
1 Reply 1

tstanik
Level 5
Level 5

‎09-13-2007 01:55 PM

When two devices use an Identity Certificate to initiate VPN negotiations, they actually need to prove they are actually the devices for which those certificates were issued. Following this idea, each device needs to provide certain information to the CA server in order to get this certificate properly signed by it. When two devices need to use certificates to initiate a VPN tunnel, they should not be able to use the certificate from another device to authenticate themselves. Hence it is going to be necessary to enroll the ASA device against the CA server in order to have the option to use certificates.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents