I am testing a VPN using certificates.
I have trial certs from Thawte.
When I registered for the certificates I didn't link the two in any way.
I have installed the certs on the two ASAs, along with the root CA, and the VPN is working fine.
My question is: what stops someone else getting a trial cert from Thawte that will be trusted by my two ASAs?
And how will this be different when I move to "paid" certificates?
If the cert is issued by my trusted root CA, will the firewalls blindly accept it?