Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Exporting a certificate from one ASA pair to another

Hi,

Does anyone know if it possible to export a security certificate from one set of ASA's to another? And how this might be done?

From the documentation I haven't seen anything about this. From experience you need a CSR to which you then add the certificate which is validated against a trustpoint. If there is no CSR on the 2nd set of ASA's then no cert can be imported?

Regards

2 REPLIES
Community Member

Re: Exporting a certificate from one ASA pair to another

Found the following in "Cisco Security Appliance Command Line Configuration Guide, Version 8.0" on Cisco Documentation:

"You can export and import the keypair and issued certificates associated with a trustpoint in PKCS12 format. This is useful if you wish to manually duplicate a trustpoint configuration on a different security appliance."

There are also sections describing how to do it.

Regards

Re: Exporting a certificate from one ASA pair to another

CLI:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/cert_cfg.html#wp1058415

ASDM:

Via ASDM you can export/import a trustpoint via the Configuration->Remote Access VPN->Certificate Management->Identity Certificates. Alternatively, you can use the ASDM 6.1 backup and restore tool to backup certificates.

468
Views
0
Helpful
2
Replies
CreatePlease to create content