Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN SSL Certificate error when installing

, Hi,

For  VPN SSL connections, I'd like to authentify the ASA server with an internal Windows PKI.

I successfully added a Root CA with the associated Trustpoint name "ASDM_TrustPoint0" (by default) 

Next, I want to install a Identity Certificate. In  In Certificate Management > Identity Certificates, I used the same TrustPoint Name as with the CA (ASDM_TrustPoint0).

I correctly filled the CN value and the FQDN (in Advanced Tab).

But when I click on "Add Certificate", I have the error "Enrollment terminal. Trustpoint enrollment cannot be changed for an authenticated trustpoint".

Snap1.jpg

According to the book Cisco ASA All-in-One, the error can be ignored so I proceeded.

The certificate is now in Pending State but when installing it,

Snap2.jpg

I did a test. I installed the Root CA on my personnal computer then I clicked on the identity certificate.cer file received. No authentication possible to a known Root CA.

Did I do something wrong with the TrustPoint Name ??

Thanbsk

Herve

327
Views
0
Helpful
0
Replies