Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

https on pix and asa - cert expired

The https certificate of one of our pix firewalls has expired, so I wondered how to refresh it.

I tried everything from generating new key pairs to zeroizing every key I could grab and generate new ones, disabling and enabling the http server in between, so in theory it should start with a new cert.

however, deleting installed certs and clearing the cache of the browser didn´t help much, all the client sees is the expired cert, which I suspect to be the cert the pix is still delivering.

can someone share some light on how the https demon is actually related to the key pairs and what you need to do in order to refresh an expired cert on a pix 7.05 ?

tia,

oliver

1 REPLY
Cisco Employee

Re: https on pix and asa - cert expired

Oliver,

7.0.5 is ancient :-)

I believe the exact check that is done is if certificate exists.

care to share your "show run crypto ca trust" "show cry ca cert" outputs?

Marcin

314
Views
0
Helpful
1
Replies
CreatePlease to create content