06-12-2010 03:20 AM
Hi All,
I've got a certificate and private key that I would like to upload to my ASA for webvpn use.
The key was generated on IIS and the cert is a wildcard cert (*.domain.com).
I did not really look too hard, but I cannot find a way to upload this key to the ASA and
use the wildcard for my domain for this cert (vpn.domain.com).
Can I upload the key somehow to use with the cert (I figured out how to upload the cert)?
Can I use the wildcard cert for webvpn?
Thanks for your help
Stephen
06-13-2010 01:51 AM
Stephen,
Are we talking about PKCS12?
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/c5.html#wp2224488
crypto ca import trustpoint pkcs12 passphrase [ nointeractive ]
Marcin
06-13-2010 10:03 AM
Thanks for the help. It did help.
What I ended up doing was export the cert and key from an IIS installation.
I converted the .pfx binary to a .pem using openssl
openssl pkcs12 -in c:\wildcard.pfx -out c:\wildcard.pem
then I extracted the private key and the cert from the .pem manually (copy and paste).
I then ran the openssl command
openssl pkcs12 -export -in wildcard_cert.pem -inkey c:\wildcard_key.pem -out wildcard.p12 -clcerts
converting the cert and key to a pkcs12 format.
I was asked for the export password and then applied the import password.
This .p12 file was easily installed on ASDM identity certificate,
and I then applied it to the outside interface.
This worked a treat for me.
Thanks
Stephen
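The conversion described in this thread, scripted so that openssl extracts the key and certificate (no copy and paste) and the two are checked against each other before repacking. This is an added example, not part of the original posts; the function names, the PFX_IN_PASS and P12_OUT_PASS environment variables and the throwaway self-signed *.domain.com certificate are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: .pfx -> key + cert -> PKCS#12, without manual copy and paste.
# Passwords come from the environment variables PFX_IN_PASS and P12_OUT_PASS
# (assumed names) so they do not appear on the command line.

# Constructed stand-in for the IIS export: a throwaway self-signed
# *.domain.com certificate bundled as a .pfx. Not a real certificate.
make_sample_pfx() {  # $1 = output .pfx path
    d=$(mktemp -d) || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=*.domain.com" \
        -keyout "$d/k.pem" -out "$d/c.pem" 2>/dev/null &&
    openssl pkcs12 -export -in "$d/c.pem" -inkey "$d/k.pem" \
        -out "$1" -passout env:PFX_IN_PASS
    rc=$?; rm -rf "$d"; return $rc
}

repack_pfx() {  # $1 = input .pfx, $2 = output .p12
    old_umask=$(umask); umask 077      # intermediate key readable by owner only
    w=$(mktemp -d) || return 1
    rc=1
    # Private key only; it is unencrypted on disk, hence the umask and cleanup.
    openssl pkcs12 -in "$1" -passin env:PFX_IN_PASS -nocerts -nodes \
        -out "$w/key.pem" 2>/dev/null &&
    # Leaf certificate only: no CA chain, no key.
    openssl pkcs12 -in "$1" -passin env:PFX_IN_PASS -clcerts -nokeys \
        -out "$w/cert.pem" 2>/dev/null &&
    # Refuse to continue unless the key belongs to the certificate.
    cert_pub=$(openssl x509 -in "$w/cert.pem" -noout -pubkey) &&
    key_pub=$(openssl pkey -in "$w/key.pem" -pubout) &&
    [ "$cert_pub" = "$key_pub" ] &&
    # Rebuild the PKCS#12 (the final step in the post).
    openssl pkcs12 -export -in "$w/cert.pem" -inkey "$w/key.pem" \
        -out "$2" -passout env:P12_OUT_PASS &&
    rc=0
    rm -rf "$w"; umask "$old_umask"
    return $rc
}

# Print the subject of the certificate inside a .p12, to confirm what will be imported.
p12_subject() {  # $1 = .p12 path
    openssl pkcs12 -in "$1" -passin env:P12_OUT_PASS -clcerts -nokeys 2>/dev/null |
        openssl x509 -noout -subject
}
```

Export both variables before calling `repack_pfx`, and delete the original `.pfx` and any leftover `.pem` files once the `.p12` has been imported.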