Cisco Support Community
Community Member

ASA SSL trustpoints


I have a scenario where a web server is hosted on the inside, and users accessing it through HTTPS are first authenticated on the ASA (there is a certificate installed on the ASA for secure access).

I want to add another web server and do the same setup. Will I need a separate certificate on the ASA? (Can I have multiple certificates for the same trustpoint, knowing that I can assign only one trustpoint on the outside interface?)

What's the best practice?


Re: ASA SSL trustpoints

Yes, you can assign the trustpoint to be used for SSL connections on the outside interface.

A trustpoint contains the identity of a certificate authority, CA-specific configuration parameters, and an association with one enrolled identity certificate. You need one trustpoint to connect with the Citrix server. You can configure up to two trustpoints, each to be assigned to a different interface on the security appliance; however, you can assign a single trustpoint to two interfaces.

Community Member

Re: ASA SSL trustpoints

It is already the case; I already have a trustpoint configured on the outside interface. But I need to know if multiple certificates can coexist under one trustpoint.

Another thing: is it feasible to configure a subinterface on the outside interface and have a trustpoint for each subinterface?
