Anyconnect with Certificate only?

Unanswered Question
Jul 25th, 2011

I found a doc on how to set up AnyConnect using a certificate for authentication. I got it working but then realized that if the portal is active, it's using that cert for connection and authentication. That's not secure at all. How do I make it use one for the portal and another for authentication?


Jason Gervia (Cisco Employee) Wed, 07/27/2011 - 13:23

Use the SSL trustpoint to assign a web server certificate to your outside interface. If you want to authenticate with a different certificate, simply import that CA certificate to the ASA, and make the CA issue the client a certificate. This way you are using 2 certificates - one for the SSL portion, and another for the client authentication portion.
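
The two-trustpoint layout described in the answer above, as ASA CLI configuration. This is an added example, not part of the original post; the trustpoint, key pair and tunnel-group names and the hostname are placeholders, and syntax may differ between ASA releases.

```cisco
! --- Constructed example: PORTAL-TP, PORTAL-KEY, CLIENT-CA-TP, AC-CERT and
! --- vpn.example.com are placeholder names, not values from this thread.

! 1. Trustpoint for the ASA's own web server (identity) certificate.
!    This is the certificate browsers and AnyConnect see on the portal.
crypto key generate rsa label PORTAL-KEY modulus 2048
crypto ca trustpoint PORTAL-TP
 enrollment terminal
 fqdn vpn.example.com
 subject-name CN=vpn.example.com
 keypair PORTAL-KEY
! Generate the CSR, have the public/web CA sign it, then import the result:
crypto ca enroll PORTAL-TP
! Bind that identity certificate to the outside interface (the SSL portion).
ssl trust-point PORTAL-TP outside

! 2. Separate trustpoint that holds ONLY the CA certificate of the CA that
!    issues the users' client certificates. No identity cert is enrolled here.
crypto ca trustpoint CLIENT-CA-TP
 enrollment terminal
 ! Assumption: this CA publishes a CRL the ASA can reach.
 revocation-check crl
! Paste the issuing CA's certificate (base64) when prompted:
crypto ca authenticate CLIENT-CA-TP

! 3. Connection profile that requires a client certificate.
tunnel-group AC-CERT type remote-access
tunnel-group AC-CERT webvpn-attributes
 authentication certificate

! Verification:
!   show running-config ssl          -> outside should reference PORTAL-TP
!   show crypto ca certificates      -> identity cert under PORTAL-TP,
!                                       CA cert only under CLIENT-CA-TP
```

The connection profile only selects the authentication method; the ASA validates the presented client certificate against the CA certificates installed in its trustpoints, which is why no specific certificate is chosen in the profile itself.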



Patrick Beaven Thu, 07/28/2011 - 13:23

Can you explain how to do this? I have two different certs and would like one for the portal and a separate one for authentication only. If I go to Remote access vpn --> Anyconnect Connection Profiles --> select the profile then "Edit", I can select AAA, LOCAL or Certificate but don't have the option to select a specific cert. Can you give me the path to make the change to use a separate cert?

Riccardo Veraldi Thu, 07/28/2011 - 13:40

Hello, could you point me to the document you found for X509 authentication?

I am very interested in it,

thank you

