Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Why ASA creates self assigned certificate on each reboot

Hi Everyone,

I noticed

"By default, the security appliance has a self-signed certificate  that is regenerated every time the device is rebooted. We can purchase  your own certificate from vendors, such as Verisign t, or you  can configure the ASA to issue an identity certificate to itself. This  certificate remains the same even when the device is rebooted.

Need to know the reason behind the creation of self assigned certificate on each reboot?

Regards

MAhesh

2 ACCEPTED SOLUTIONS

Accepted Solutions

Why ASA creates self assigned certificate on each reboot

Hello Mahesh,

As you mention that's by default and by desing,

That would help us in the case we set a SSL session to the box (Anyconnect, ASDM) as we will not need to go a step further and manually create or generate an SSL certificate,

Why?

Because the firewall will do it automatically, altough if you purchase one from a CA you can overwrite it by installing the certificate and set it as the SSL certificate for any SSL session,

For Networking Posts check my blog at http://laguiadelnetworking.com/

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Hall of Fame Super Silver

Re: Why ASA creates self assigned certificate on each reboot

It does make setup easier. you can also create a self-signed certificate and make that persistent and associated with your SSL VPN and/or device management.

4 REPLIES

Why ASA creates self assigned certificate on each reboot

Hello Mahesh,

As you mention that's by default and by desing,

That would help us in the case we set a SSL session to the box (Anyconnect, ASDM) as we will not need to go a step further and manually create or generate an SSL certificate,

Why?

Because the firewall will do it automatically, altough if you purchase one from a CA you can overwrite it by installing the certificate and set it as the SSL certificate for any SSL session,

For Networking Posts check my blog at http://laguiadelnetworking.com/

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Why ASA creates self assigned certificate on each reboot

Thanks Julio

Regards

Mahesh

Hall of Fame Super Silver

Re: Why ASA creates self assigned certificate on each reboot

It does make setup easier. you can also create a self-signed certificate and make that persistent and associated with your SSL VPN and/or device management.

New Member

Why ASA creates self assigned certificate on each reboot

Hi Marvin,

Thanks for replying.

Best Regards

Mahesh

242
Views
0
Helpful
4
Replies
CreatePlease to create content