06-09-2015 02:42 AM
Hi
I want to get rid of the untrusted certificate warning messages for my VPN (anyconnect) users.
I have my cert file, private key file and intermediate cert (CA) file in .pem format.
I have a Cisco ASA 5505.
Can anyone point me to a guide or tell me what I need to do with the files? I'm not sure as I've never done much with certificates before and ASA's aren't really my thing either.
Thanks
06-09-2015 04:20 AM
You can follow this example:
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/98596-asa-8-x-3rdpartyvendorcert.html
or most of providers of certificates do have their own instruction pages. Vide:
https://www.digicert.com/ssl-certificate-installation-cisco-asa-5500.htm
https://support.globalsign.com/customer/portal/articles/1228167-install-certificate---cisco-asa-5500
06-09-2015 06:25 AM
Yeah, I've gone through them and no matter what permutation of cert file I go for, it comes back and says "certificate does not contain devices general purpose public key". I've tried the cert file on it's own, but also with the private key and also with the private key and CA cert as well.
I've tried pasting in from the pem file and also as a .cer file. Always comes back with the same thing.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: