I'm setting up a VPN 3000 Concentrator and for local administrative purposes I've created a self-signed CA, something to allow for https connections for our admins (generated on my own pc, copy/pasted into the web console). This seems to work fine. However, when I try to create an SSL certificate via the "generate" option (Administrations|Certificate Management|SSL Certificate) I'm given false details pertaining to geographical location (eg, Franklin, MA - which is not where I'm from :) ... The certificate itself works fine however and does contain accurate geographical data.
The interface does not allow me to create an SSL certificate manually:
- Copy/paste method complains of parsing errors (and no combination of pasting seems to work).
- upload from workstation complains that there is no file present (if from my linux workstation), or another parsing error (if from my windows workstation).
I would like to create an SSL certificate with accurate information but these snags are holding me back. Anyone have any ideas?
The link is quite useful, thanks for taking the time to reply. However, even after going through the steps involved with certificate enrollment and entering correct values I still receive errors when attempting to install the certificate. Here's a step-by-step description, assuming the CA is installed correctly and for all intents and purposes, running without a problem:
- "Click here to enroll with a Certificate Authority"
- "SSL certificate"
- "Enroll via PKCS10 Request (Manual)"
- enter appropriate values in each field
--> in this instance I'm using the IP address as the Common Name (as per instructions).
--> selecting RSA 1024 bits
- click Enroll
- pkcs****.txt pops up with a key value
- "Go to Certificate Installation"
- "Install certificate obtained via enrollment"
- Enrollment Status screen appears along with the cert I've just created
--> I notice that the Issuer field has N/A listed, is this related to the original CA that was created?
- click Install
- "Cut & Paste Text"
- paste all of the contents from the pop-up window and click Install
At this point I receive the following error
"Error installing SSL certificate: Bad file format."
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...