Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Issues installing signed certificates into ASA 5510

I am running Cisco Adaptive Security Appliance Software Version 8.3(2) Device Manager Version 6.4(1).  This will be used as a VPN gateway.  I am having troubles installing our cert.  I can install the cert, but it never connects witht he correct key.  It references trustpoint0 when it is trustpoint1.  I deleted all trustpoints and it still happens.  I could use some help with that.

vpngw4# sh run | begin rust
crypto ca trustpoint ASDM_TrustPoint0
crl configure
crypto ca trustpoint ASDM_TrustPoint1
keypair ASDM_TrustPoint0
crl configure
crypto ca certificate chain ASDM_TrustPoint1
certificate 0f8e62
    308203d5 ....... 8c
  quit


I deleted both trust points and when I do a  sh run both are gone, but when I then import the cert (via ASDM) it creates trustpoint0 again.

The result is that when I connect to the box via WebVPN it gives me a certificate error.


Thanks

Joerg

3 REPLIES

Issues installing signed certificates into ASA 5510

Hello,

So I can see you can import the certificate but the certificate used by the ASA is not the one you need right?

If that is the issue you can configure on the ASA witch Certificate will be used for WebVPN sessions:

On the CLI:

ssl trust-point ASDM_TrustPoint0 outside

Then you will use the certificate you just imported.

If I missunderstood the question just let me know, I will be more than glad to help.

Regards.

Do rate all the helpful posts

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Issues installing signed certificates into ASA 5510

Julio,

I tried this an dI still get a certificate error.  I *think* my issue is that the cert refers imported in trustpoint1 references the key of trustpoint0.  But I am not quite sure.

Issues installing signed certificates into ASA 5510

Hello Joe,

I mean when you configure the trustpoint you have the option to choose the proper key!

Can you do a debug webpvn while you attempt to connect.

Regards,

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
861
Views
0
Helpful
3
Replies