Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Certificate for ASDM access to ASA

Hi all

Who knows where the ceritifcate on the ASA can be edited/deleted/renewed which is responsible for the access via ASDM? With the "show crypto key mypubkey rsa" I get all certificates, but none matches with the modulus I can see when I access the ASA with a webbroser to https://asa-name

Thank you

Markus

4 REPLIES

Certificate for ASDM access to ASA

Hello Markus,

This is a Self-Signed Certificate that is created every single time the ASA reboots.

You can make it permanent altough.

Its show crypto ca trustpoints to see the one available and then you can modify as needed.

You can configure it manually and also enable it on the right interface with the command ssl trustpoint "name" name_if

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com

Re: Certificate for ASDM access to ASA

Hi,

In ASDM, go to Configuration > Device Managment > Certificate Management.


Sent from Cisco Technical Support iPhone App

New Member

Certificate for ASDM access to ASA

Thanks guys for your quick reply.

The point is that when I check the certificates with "show crypto ca certificates", none of these certificates has the serial number which I can see when I connect with the browser. So I still was not able to find the certificate with this serial number on the ASA.

I also have three trustpoints configured for the ASDM: ASDM_TrustPoint0, hostname-Trustpoint and ASDM_TrustPoint. For the ASDM_Trustpoint, I generated a new self-signed certificate, so this is also what I can see. But the connection with the browser don't show me this certificate from the trustpoint ASDM_TrustPoint.

So which Trustpoint now is responsible to provide the certificate for the browser session? Of course I can delete them?

Thanks

Markus

Re: Certificate for ASDM access to ASA

Hey you still need to set the one you plan to use

ssl trustpoint name outside

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
377
Views
0
Helpful
4
Replies
CreatePlease login to create content