Cisco ASA Ver 8.0 Local CA Assistance for SSL VPN

Unanswered Question
Sep 20th, 2007
User Badges:

Hi all,

I am working on a project where an ASA Ver 8.0 is terminating SSL VPN Web Peers.

The setup works fine, however I am experiencing issues with certificates.

What I wanted to do was issue a certifiacte using the new Local CA found in the new code release. I have set this up, and can generate OTP's via email etc.

The user downloads and installs a certificate and this also works fine. The problem I have is an age old issue with Trust relationships.

For some reason when I attempt to connect to the SSL VPN, I pass the identity certificate phase but I am then asked for a secondary cert, which looks like a default asa one. This of course is untrusted.

My question is, why am I given a secondary certificate, having passed the identity stage ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion