Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Anyconnect On Demand Server 2012

I need to use 2012 to send out the certificates for the clients. Are there any Docs on setting this up specifically for 2012?  Everything I found so far is for 2003-8.

4 REPLIES

Hi, is this what you are

Hi,

 

is this what you are looking for??

http://www.iis.net/learn/get-started/whats-new-in-iis-8/iis-80-centralized-ssl-certificate-support-ssl-scalability-and-manageability

http://blogs.msdn.com/b/kaushal/archive/2012/10/11/central-certificate-store-ccs-with-iis-8-windows-server-2012.aspx

 

Regards

Karthik

New Member

These are what I have found,

These are what I have found, the first one is the overview, and I have several deployments where the ASA is the Certificate Server, however I have a request to make the Certificate Server their AD, which is 2012. I can find all kinds of docs on using 2003 -8 for this purpose, but the only one related to 2012 is the bottom link, and I am having issues getting the OCSP working based on that doc.  Some critical information was missing on the user used for the services on the Microsoft papers, so not at all surprised that I still cant get it to work. 

 

 

 

http://www.cisco.com/c/dam/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/guide_c07-717020.pdf

http://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/116720-config-asa-ocsp-00.html#anc9

On this doc, CA Configuration for OCSP Template, step one shows group or username but no where in the doc, does it specify the shown user being set up. 

New Member

Some further information. In

Some further information. In a nutshell, instead of having to add every user to the ASA to issue a certificate for their Anyconnect Mobile, they want to use Active Directory.

 

http://www.cisco.com/c/en/us/support/docs/ip/lightweight-directory-access-protocol-ldap/116096-configure-anyconnect-openldap-00.html#anc13

 

I am not finding anything on how to configure the ASA and Windows server to be able to do this.

 

Can it be done?

New Member

Found this, might be on the

Found this, might be on the right trail now, but hate going through all of this to find out it wont work.

 

http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/Unified_Access_Book/UA_Security.html#wp1253798

28
Views
0
Helpful
4
Replies