03-23-2007 05:08 PM - edited 02-21-2020 01:27 AM
Hello all:
I'm performing an upgrade on a spare ASA5520 from 7.2(1) to 7.2(2-14). I'm trying to copy the config from an ASA that is in production and would like to replace it with the ASA I am upgrading. I am able to copy the running-config to the replacement ASA, however the SSL Certificate is giving me problems. I receive and error of .....ERROR: Public key contained in the device certificate doesn't match the device's public key <Default-RSA-Key> configured for trustpoint %trustpointname%. Device certificate is not installed.
I am able to get into the CLI, but can not access the device from the ASDM client. Any help would be very appreciated.
Solved! Go to Solution.
03-26-2007 12:52 PM
Yes the above commands looks good..first replicate the configuration to the ASA...and then import the certificate from the trustpoint
03-23-2007 05:20 PM
delete the current keys
ca zeroize rsa
..disable the trustpoint from your config and then create new keys
03-23-2007 05:25 PM
Hey Abinjola,
Thanks for the reply. I'm not sure how to disable the Trustpoint and how to create new keys.
Thanks!
03-23-2007 07:14 PM
if you have disabled the web VPN COnfig (trust points from the config) and still getting the error mesage then check this :-
CSCsc08926
03-26-2007 11:46 AM
can you please update me about this ...
03-26-2007 12:31 PM
Hi abinjola,
I've removed the trustpoint (no crypto trustpoint %trustpointname%, however I'm not sure how to create new keys once I have done that. Could you provide me with the steps for disabling trustpoint, and creating new keys?
thank you for all your help!
03-26-2007 12:33 PM
crypto key gen rsa modulus 1024
03-26-2007 12:40 PM
sorry for so many questions (new at this)
steps:
1 - no crypto ca trustpoint %trustpointname% (delete trustpoint)
2 - ca zeroize rsa (remove rsa keys)
3 - crypto key gen rsa modulus 1024
Then I will need to import my SSL Cert?
03-26-2007 12:52 PM
Yes the above commands looks good..first replicate the configuration to the ASA...and then import the certificate from the trustpoint
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: