If you create a Microsoft Root Certificate Authority (CA) with Windows Server 2008 and create a CAPolicy.inf file, you have to remove the AlternateSignatureAlgorithm=1 for the certificate to work with the Cisco ASA 8.4(7). If the AlternateSignatureAlgorithm=1 is in the CAPolicy.inf file, the root certificate will be created with the algorithm = RSASSA-PSS. If you remove this from the CAPolicy.inf file, the algorithm will be RSA SHA.
I ran into this issue in a Microsoft guide. The notes does say that AlternateSignatureAlgorithm will not work with Windows XP client computers. I have also seen that it will not work with Windows 2003 servers.
When trying to add a CA to the ASA from ASDM, this is the error:
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...