cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
732
Views
0
Helpful
2
Replies

ASA SSL trustpoints

k.abillama
Level 1
Level 1

Hello,

I have a scenario where a web server is hosted on the inside and users accessing to it through https are being authenticated first on the ASA( there is a certificated installed on the ASA for secure access)

I want to add another web server and do the same setup, will I need a separate cetificate on the ASA( can I have multiple certificates for the same trustpoint knowing that I can assign only one trustpoint on the outside interface)

What's the best practise?

2 Replies 2

Not applicable

Yes you can assign the trustpoint to be used for SSL connections on the outside interface.

A trustpoint contains the identity of a certificate authority, CA-specific configuration parameters, and an association with one enrolled identity certificate. You need one trustpoint to connect with the Citrix server. You can configure up to two trustpoints, each to be assigned to a different interface on the security appliance; however, you can assign a single trustpoint to two interfaces.

It is already the case, I already have a trustpoint configured on the outside interface. But I need to know if multiple certificates can coexist under one trustpoint.

Another thing, is it feasible to configure a subinterface on the outside interface and have a truspoint for each subinterface?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: