Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco ASA 5510 SSL cert error Certificate does not contain devices general purpose public key

Hi all, I purchased a SSL cert from Godaddy for my ASA 5510. I followed these instructions:

1. Generate a Certificate Signing Request

ciscoasa(config)# crypto key generate rsa label my.godaddy.key modulus 2048

ciscoasa(config)# crypto ca trustpoint my.godaddy.trustpoint

ciscoasa(config-ca-trustpoint)# subject-name CN=myhostname.mydomain.com,OU=IT,O=mycompany,C=CA,St=myprovince,L=mycity

ciscoasa(config-ca-trustpoint)# keypair my.godaddy.key

ciscoasa(config-ca-trustpoint)# fqdn myhostname.mydomain.com

ciscoasa(config-ca-trustpoint)# enrollment terminal

ciscoasa(config-ca-trustpoint)# exit

ciscoasa(config)# crypto ca enroll my.godaddy.trustpoint

The Certificate Request is displayed on the terminal which I then copy and paste at Godaddy.com

2. Authenticate the Trustpoint

ciscoasa(config)# crypto ca authenticate my.godaddy.trustpoint


I then paste my base 64 encoded CA certificate from Godaddy.com

It says:

Trustpoint 'my.godaddy.trustpoint' is a subordinate CA and holds a non self-signed certificate.

Trustpoint CA certificate accepted. (Is this ok?)

% Certificate successfully imported

3. Install the Certificate

ciscoasa(config)# crypto ca import my.godaddy.trustpoint certificate

I then paste my base 64 encoded CA certificate from Godaddy.com again

I then get the error:

Cannot import certificate - Certificate does not contain devices general purpose public key for trust point mygodaddy.trustpoint ERROR: Failed to parse or verify imported certificate

But when I do a:

ciscoasa(config)# sh crypto key mypubkey rsa

I get:

Key pair was generated at: 12:49:40 EDT Oct 22 2013
Key name: my.godaddy.key
  Usage: General Purpose Key
  Modulus Size (bits): 2048
  Key Data:

   30820122 300d0609 2a864886 f70d0101 01050003 82010f00 3082010a 02820101

XXXXXXXXXXXXX

Any help much appreciated

Cheers




  • Other Security Subjects
1189
Views
0
Helpful
0
Replies
This widget could not be displayed.