Greetings - I read an article from Cisco on this, but it was a bit confusing. Can I get some clarification? Objective: I'm trying to make it so that when I attach to the "Inside / Private" interface, my administration session is protected by a trusted SSL cert. We have no WebVPN clients at all - everyone is using the normal thin-cleint (4.x and 5.x)
I've already stepped thru the process to create a Certificate Signing Request (CSR), and I have the cert already generated & in my possession. I went to complete the pending request, and I get an error about the certificate not being part of a trusted chain. The doc I read was talking about Certificate Authorities & Identity Certificates & was confusing. I could see maybe that I'd be required to import the 'next-level-up' certificate in the trust-chain, but I still got the same error. Plus, the cert I have is "two-deep" - there's the actual Verisign root cert, then a company-wide cert against-which certs are created, then there's the cert for the FQDN that's in my posession. I just need to protect my HTTPS session into the Private interface, to administer the concentrator. Thanks!