I've installed a new SSL certificate to replace the old one which was about to expire. After this cert update I can no longer access the ACS server for admin purposes. I get the error "Can not establish cifered connection because the certificate presented by <servername> is invalid or corrupt. Error code: -8101" or something similar as the message is in spanish.
I've tried to restart the CSAdmin service without success. I've also looked ath the different CS tools but none of them addresses this nor does the ACS User Guide.
Is there a way to remove the certificate from the command line or other?
Ay help would be appreciated as I don't want to reinstall/rebuild the server.
On 3.3 I didn't have to reinstall any configuration. What the Registry value change does is simply remove the SSL session encryption and that leaves the HTTP available. Once restarted the CSAdmin service I could connect using HTTP and then install a new cert, configure the cert trust list and re-enable the HTTPS admin session option.
I would assume that being version 4 and an appliance makes no difference. This is ONLY an assumption, you should check this out in your lab before trying it on a production environment system.
Make sure that you configure the Cert Trust List before enabling the HTTPS feature.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...