Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA LOCAL CA SERVER Backup and Restore

Hi,

I wold like to set-up cisco asa for a CA server and provide user authentiaction over digital certificates.

I'm wondering is there any way to do full backup and restore of configuration inlcuding local ca server (root certificate) user certificates and transver it to different ASA firewall in case of hw failiure?

10x

1 ACCEPTED SOLUTION

Accepted Solutions

Re: ASA LOCAL CA SERVER Backup and Restore

Please see the attached backup and restore procedure via CLI...

3 REPLIES

Re: ASA LOCAL CA SERVER Backup and Restore

Please see the attached backup and restore procedure via CLI...

New Member

Re: ASA LOCAL CA SERVER Backup and Restore

It works,

Regarding trust point, i have to delete old trustpoint lacal-ca-server and create new one.

Thanks

New Member

Will the backup and restore

Will the backup and restore be worked on my case?

https://supportforums.cisco.com/discussion/12168126/asa-upgrade-localcaserver-issue

I upgraded a ASA firewall using the 8.6(1) version with the LOCAL_CA_SERVER, which is for the VPN clients, e.g. one time auth cert deployment, revoking.

 

Unfortunately, I have to upgrade the version to 9.1 or above, because I hit a bug. I discovered the LOCAL_CA_SERVER of the ASA is working, but the clients' cert. will be untrusted and the certed users will have to enter the username & password again to get the cert.

 

Why need to do that? I checked the trust points, the local certs, the db on local CA server .... all is matched as the b4 version. Why the b4 deployed clients' cert. will be untrusted? Any idea on that? Thanks!

2391
Views
5
Helpful
3
Replies