Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

How to generate a self-signed certificate for the DNS name rather than the IP, and how to use it for WebVPN/SSL VPN on an Adaptive Security Appliance ( ASA ).


You can generate a self-signed certificate with a CN by issuing these commands on the Adaptive Security Appliance (ASA):

ASA(config)# crypto  ca trustpoint myself

ASA(config)# enrollment self

ASA(config)# subject-name

ASA(config)# crypto ca enroll myself

To ensure that Secure Sockets Layer (SSL) utilizes the new certificate generated, issue this command:

ASA(config)# ssl trust-point myself

Version history
Revision #:
1 of 1
Last update:
‎06-22-2009 05:28 PM
Updated by:
Labels (1)