Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1731
Views
0
Helpful
6
Replies

firepower management center: how to switch from self signed certificate to a ca based certificate?

bschmidtde
Level 1
Level 1

‎01-15-2018 06:57 AM - last edited on ‎02-21-2020 11:35 PM by Community Manager

Hi,

i need help to switch from the self signed certificate to a new microsoft based ca certificate.
I can generate a new CSR and my ca built a new certificate, i copy this and the root ca certificate in to the import https Server certificate dialog and fire it up. But after this nothing happend. And the self signed certifcate is still used. The online help is no help.

Where can i check what is going wrong ?

Thanks for your help

 

Cisco Firepower Management Center for VMWare
Software Version 6.2.2.1

4 people had this problem
Labels:
0 Helpful
6 Replies 6

Rob Ingram
VIP
VIP

‎01-15-2018 10:43 AM

Hi, I assume you mean a certificate for the FMC Mgmt webpage? If so, try this:-

 

// Create a CSR - Go to > System > Local > Configuration > HTTPS Certificate > Generate New CSR
// Get the certificate signed by the Internal CA
// Import the signed certificate - Go to System > Local > Configuration > HTTPS Certificate > Import HTTPS Certificate
// Click Save

0 Helpful

bschmidtde
Level 1
Level 1
In response to Rob Ingram

‎01-16-2018 02:21 AM

Yes that´s it. But nothing happend after i copy the certificate for the this and the root certificate from the ca. The built in self signed certificate stay active. No Message after i click save.


 

0 Helpful

Rob Ingram
VIP
VIP
In response to bschmidtde

‎01-16-2018 04:18 AM

I just tried this in my lab, it seems when I use Internet Explorer it doesn't seem to apply the certificate correctly, however using firefox does work. Perhaps try a different web browser if it does nothing when it saves.

 

 

0 Helpful

bschmidtde
Level 1
Level 1
In response to Rob Ingram

‎01-16-2018 06:37 AM

thanks for the idea but chrome, firefox and edge = all the same  nothing is changing. After i save it nothing happend, no message and still the selfsigned certificate is in use.

 

any other ideas?

0 Helpful

Daniel Lucas
Level 1
Level 1

‎03-14-2018 06:44 AM

Any resolution for this? Having the same issue - I can generate the CSR, but there doesn't appear to be a way to import the signed cert. The 'Import HTTPS Server Certificate' doesn't seem to be related to the CSR since it asks for an optional private key - makes me think this is for import a wildcard cert.
0 Helpful

c-kn
Level 1
Level 1

‎04-26-2018 11:32 AM

I have the same issue with the same software version. I already had a CA cert uploaded to my FMC and working. When I showed up last week it was using a self signed cert from Cisco again. When I try to load my previous CA cert that I had working before. No messages or anything after I click save.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card