Solved: ASA view user certificates expiry date

o.melnikov · ‎01-30-2012

Hello!

There is ASA with remote access VPN and users are authenticated using third party signed certificates (CA is not local in ASA).

When user certificate expires i can see it in syslog messages. For example:

%ASA-3-717009: Certificate validation failed. Certificate date is out-of-range, serial number: (...)

I would like to know if there is an opportunity to view user's certificate expiry date beforehand, say, 3 days before?

Thank you!

Herbert Baerten · ‎02-07-2012

Hi Oleg,

the user should get a warning when his certificate is about to expire, but on the ASA you cannot detect this, sorry.

hth

Herbert

Herbert Baerten · ‎02-07-2012

Hi Oleg,

the user should get a warning when his certificate is about to expire, but on the ASA you cannot detect this, sorry.

hth

Herbert

o.melnikov · ‎02-20-2012

Hi Herbert!

Thank you!

Atri Basu · ‎07-17-2012

The following enhancement requests have been filed for this though:

CSCeh73797, CSCsk86689, CSCsy90223. If you have a cisco accounts team you should follow up with them regarding these enhancements.