09-04-2008 11:48 AM
Hello.
I have a customer that wants to implement RA VPN with digital certificates, and they want the ASA (5510) to be the CA (not Microsoft or any other).
Well, I configured the trustpoint, ca server and OTP that is working fine, I receive the email ok, but I cannot click on the link to download and install the certificate on my desktop... the url is: https://asahostname/+CSCOCA+/enroll.html
I don't know if my configuration are fine.. I already tried to configure a VPN and I think it's ok, but my client didn't connect because I cannot enroll the certificate for the link ASA sent me.
There is no config guide for this.. (I did not find it) and if some of you have, please let me know.
Hope sombebody help me...
And sorry for my "not so good" english.
Thanks,
Fernando
09-10-2008 01:21 PM
The Local Certificate Authority (Local CA) integrates a basic certificate authority functionality on the security appliance, deploys certificates, and provides secure revocation checking of issued certificates. The Local CA provides trusted digital certificates to users, without the need to rely on external certificate authorization.The Local CA provides a secure inhouse authority for certificate authentication and offers straightforward user enrollment by means of a browser webpage login.
11-03-2008 08:52 AM
Hello,
I have also trouble with the Local CA on an ASA 5510.
I found that the enrollment is only working on the outside interface, coming from an outside network. And of course you need DNS pointing to the correct asahostname for your environment.
Has anyone an idea if I can change the interface for certificate enrollment?
11-04-2009 01:25 AM
Hello,
just copy the link to your browser
and follow instruction for authentification if the link don't found
the problem is your asahostname or ensure taht your enable http server on your requested interface as cli :::
http x.x.x.x mask interface_name
i'm trying setup the same service but
the auth with OTP failed @ /+CSCOCA+/enroll.html page
regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide