Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Installed a new SSL Certificate but clients are still seeing the old one.

I have installed a new SSL certificate on our ASA 5500. I removed the old one, installed the new one. And associated the trustpoints with the interface we use for Web Connect and AnyConnect connections.

They are still seeing the old expired certificates. Users can still log in and authenticate but I would rather them see the correct certificate.

Anybody have any suggestions?

Thanks

  • Firewalling
9 REPLIES

Installed a new SSL Certificate but clients are still seeing the

Hello,

If you do show run ssl

Do you see the Rigth certificate ( trustpoint) applied to the right interface?

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Installed a new SSL Certificate but clients are still seeing the

Yes the correct trustpoint is shown.

Installed a new SSL Certificate but clients are still seeing the

Hello Josh,

Can you try it from a computer you have not connect before and see if you see any differences.

Regards,

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Installed a new SSL Certificate but clients are still seeing the

This will take me a little bit of time. I will probably have to set up a virtual to test this with since I have connected with all of my machines at one point in time.

New Member

Installed a new SSL Certificate but clients are still seeing the

Nevermind I set up a new Linux Virtual a couple of days ago and I have connected with it yet.

Still having the same issue. Web SSL VPN Service is showing the old expired certificate even though it doesn't look to be installed on the ASA anywhere.

Installed a new SSL Certificate but clients are still seeing the

Hello Josh,

If you do a show run crypto ca trustpoint:

Do you see both of them? The old one and new one?

Also do you have any certificate to profile mapping?

Regards,

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Installed a new SSL Certificate but clients are still seeing the

Running "show run crypto ca trustpoint" does indeed show the old trustpoints. I have no certificate to profile mappings

New Member

Installed a new SSL Certificate but clients are still seeing the

There must have been something wonky with the certificate install. I removed and then reinstalled it and it is running fine now. Although I have a lot of old trustpoints that are still shown as in use

Installed a new SSL Certificate but clients are still seeing the

So, Please remove those ones from your ASA

No crypto ca trustpoint x.x.x.x

Do you see the actual ( the one active on your ASA)

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
1781
Views
0
Helpful
9
Replies
This widget could not be displayed.