We purchased a SSL certficate from network solutions to interface with our webvpn connections. This is what they sent us:
WEBVPN.MYSITE.COM.crt (name changed to protect privacy)
I've had absolutely no luck getting the identity certificate installed, and I have no idea what the other certs are really used for.
I figured that using the ASDM was easier to deal with certs so I navigated to the identity certificates section. I tried to import an identity certificate from a file by browsing to the identity certificate and click add certificate. But it stops me and says "Passphrase cannot be empty." I talked to network solutions and they don't have a passphrase for me. So then I just make up anything and click Add Certificate but I get stopped with this error: ERROR: Import PKCS12 operation failed.
At the identity certificates page in ASDM I clicked Add and then tried to add a new identity certificate by filling out all the parameters. This prompts me to save a CSR file to my computer. Ok done. But the certificate is not 'installed'.
To get the certificate installed I tried clicking 'install' and browsing to WEBVPN.MYSITE.COM.crt. Upon hitting OK I get stopped with the following error: Cannot import certificate - Certificate does not contain device's General Purpose public key for trust point ASDM_TrustPoint1. ERROR: Failed to parse or verify imported certificate.
I thought the CSR file is something important so I sent the CSR file to network solutions and they sent back a 'validation.xps' file. I tried to use this to 'install' into the identity certificate I just added. Unfortunately I get the following error when doing so: ERROR: Failed to parse or verify imported certificate.
I called network solutions and tried to explain to them and they of course had no idea what I'm talking about.
Is anyone familiar with this process that can point me in the right direction to install the cert?Thanks
Show Name: Thoughts on Security at Cisco Live US 2018 in Orlando
Contributors: Kevin Klous, David White Jr., Aaron Woland, Jeff Fanelli
Posting Date: June 2018
Description: The team goes on-site in the Cisco Live Speaker room in...
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. the diagram below show a diagram of the steps the FW goes through when using 2FA authentication:
As you can see in Fig. 1&nbs...