Manually generate a CSR on PIX Running V6 Software
I need to create a site to site VPN tunnel using Verisign SSL certificates instead of a pre-shared key.
The V6 Software on the pix only has configuration instructions to configure it to use SCEP (Simple Certification Enrollment Process). However Verisign have stated that they no longer support SCEP and that you must manually generate a CSR on the device and copy and paste the result onto their web page when purchasing the certificate.
The question is
Can you Manually generate a CSR on a PIX firewall Running V6 Software?
It seems possible to do this using V7 Software, however I am using a PIX506E which cannot be upgraded to V7.
If anyone can let me know the answer to my question that would be most appreciated.
Re: Manually generate a CSR on PIX Running V6 Software
A certificate signing request (CSR) is required in order for the third party CA to issue an identity certificate. The CSR contains your ASA's distinguished name (DN) string along with the ASA's generated public key. The ASA uses the generated private key to digitally sign the CSR.
Refer the following url for more info on generating RSA:
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...