ASA 8.2 - SSL Wildcard Certificate Installation

Unanswered Question
Apr 13th, 2010
User Badges:

Hello,


I'm in the process of setting up SSL VPN on our ASA 5520 running 8.2 and would like to use our Thawte-issued wildcard certificate, however while I've been able to install it as a CA Certificate - I'm unable to use this as a trustpoint for the SSL VPN.  I've tried installing the cert as an Identity Certificate however I only seem to be able to generate a new CSR which I shouldn't have to do with a wildcard cert from what I understand.



Can anyone provide some insight on what I need to do to get this wildcard cert installed?


Thanks,


Rob

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Tue, 04/13/2010 - 16:31
User Badges:
  • Cisco Employee,

1) Crypto trustpoint for that wildcard certificate should have "fqdn none" configured.


2) Then you would need to import both certificate and the key-pair to the ASA if you didn't generate the CSR from this ASA. The format should be PKCS12 (you would need to use OpenSSL to combine the certificate and key-pair in PKCS12 format prior to importing it to ASA):

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/c5.html#wp2187289


Hope that helps.

ihernandez81 Tue, 10/09/2012 - 05:39
User Badges:

rcoote5902, did you ever get an answer to this? I'm at the same point right now on an asa..did you use openssl to generate your CSR...did you get some steps on this...

rcoote5902_2 Tue, 10/09/2012 - 08:04
User Badges:

Hello,


No this was never resolved.  We're also in the process of migrating to a different firewall vendor.


Thanks,

Rob

Actions

This Discussion

Related Content