Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Unknown PKI Command

Hello,

I have been unsuccessful googling for a good understanding what this command does: 

validation-usage ssl-client

It is configured under the "crypto ca trustpoint" command in our ASA, like for example:

crypto ca trustpoint XXXX

  validation-usage ssl-client

I would appreciate a good clear explanation of what this command does or is for.

Thanks,

Adil

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Unknown PKI Command

Hi Adil,

validation-usage

To specify the usage types for which validation with this trustpoint is allowed, use the validation-usage command in crypto ca trustpoint configuration mode. To not specify the usage types, use the no form of the command.

validation-usage ipsec-client | ssl-client | ssl-server

no validation-usage ipsec-client | ssl-client | ssl-server

Syntax Description

ipsec-client

Indicates that IPsec client connections can be validated using this trustpoint.

ssl-client

Indicates that SSL client connections can be validated using this trustpoint.

ssl-server

Indicates that SSL server certificates can be validated using this trustpoint.

You can look in to below link aas well:-

http://www.cisco.com/en/US/docs/security/asa/command-reference/v.html#wp1834686

Regards,

Naresh

2 REPLIES
Silver

Unknown PKI Command

Hi Adil,

validation-usage

To specify the usage types for which validation with this trustpoint is allowed, use the validation-usage command in crypto ca trustpoint configuration mode. To not specify the usage types, use the no form of the command.

validation-usage ipsec-client | ssl-client | ssl-server

no validation-usage ipsec-client | ssl-client | ssl-server

Syntax Description

ipsec-client

Indicates that IPsec client connections can be validated using this trustpoint.

ssl-client

Indicates that SSL client connections can be validated using this trustpoint.

ssl-server

Indicates that SSL server certificates can be validated using this trustpoint.

You can look in to below link aas well:-

http://www.cisco.com/en/US/docs/security/asa/command-reference/v.html#wp1834686

Regards,

Naresh

New Member

Unknown PKI Command

Now I understand better.  Thank you.

673
Views
5
Helpful
2
Replies
CreatePlease login to create content