i'm trying to generate a csr on an ASA 5505 (ASDM 6.1(1) ASA v8.0(3)) for our new SSL VPN service. i followed the documentation at http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808b3cff.shtml and submitted the csr to our 3rd party vendor Globalsign.
a few days later the request was rejected due "to the inclusion of an unstructuredName element within the subject of the CSR."
when i generate the csr (either from cli or asdm), the resultant csr contains
where my_fqdn is the name i used in the CN field.
i tried generating a csr for the asa with openssl and submitted that to globalsign which was successful but get the error "Certificate does not contain general purpose public key" when i try to install it.
any ideas or pointers appreciated.