Have recently installed ASA/Clean Access. I have a question for the Clean Access Server SSL. RIght out the box when installing Clean Access Server (and Clean Access Manager), a IP base temp. SSL cert. were created via Cisco scripts. Because of that, everytime a user connect via VPN a box popup to ask user to accept that SSL. Now it's time to move on getting a CA signed SSL cert in order to get rid of the popup. I have read the documentation but still have questions. In terms of steps, it's quite clear. However, I am confused as how it's going to work. My questions are:
(1) I am going to use the host name to register with the CA. This Clean Access Server host is internal and the host name is resolvable internally only via our internal DNS servers and for all intent and purpose, is not exposed to the outside.
(2) If I did that, when VPN client, how exactly does it work when it comes to the host name? The cert. will be in the form of xyz.something.com and is not going to be resolved to anything.
Thank you for any idea and explanation.