I am trying to install a CA issued certificate into an ASA and need to apply it to the management interface.
I am able to successfully create the certificate in the ASA but when I access the ASA's mangement IP via web browser, I am still getting self signed certificate instead of the one I created from the CA. What am I missing?
crypto key generate rsa label tsp.gov.key modulus 2048
crypto ca trustpoint ManagementCert2013
enrollment terminal
subject-name CN=pdc-asa-1.test.com,OU=Network,O=FRTIB,C=US,St=PA,L=Pittsburgh
serial-number
fqdn pdc-asa-1.test.com
keypair test.com.key
exit
crypto ca enroll ManagementCert2013
crypto ca authenticate ManagementCert2013
ssl trust-point ManagementCert2013 management
sho crypto ca certificates ManagementCert2013
CA Certificate
Status: Available
Certificate Serial Number: 11999746000200000a75
Certificate Usage: General Purpose
Public Key Type: RSA (2048 bits)
Signature Algorithm: SHA1 with RSA Encryption
Issuer Name:
cn=TSPOCA
dc=test
dc=com
Subject Name:
cn=pdc-asa-1.test.com
ou=Network
o=TEST
l=Pittsburgh
st=PA
c=US
hostname=pdc-asa-1.test.com
serialNumber=XXXXXXXXX
CRL Distribution Points:
[1] ldap:///CN=TSPOCA(2),CN=mprd-cert-app-2,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=test,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint
[2] http://cdp.test.com/CertEnroll/TSPOCA(2).crl
Validity Date:
start date: 10:54:34 UTC Oct 16 2013
end date: 10:54:34 UTC Oct 16 2015
Associated Trustpoints: ManagementCert2013
Certificate
Subject Name:
Name: pdc-asa-1.test.com
Serial Number: XXXXXXXXX
Status: Pending terminal enrollment
Key Usage: General Purpose
Fingerprint: cfbf4e3e 0e0e4f9c 6a558f53 0915890b
Associated Trustpoint: ManagementCert2013