Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

What will happen if Certificates on ASA box expired

Hi All,

Just cannot find appropriate document about what affected by Expired Certification on ASA bow.

I use this certificates for Client-to-Site and Site-to-Site VPN.

If you can help answer or point to appropriate docs will be a lot of help.

Thank you very much.

AM.  

3 REPLIES
Cisco Employee

Re: What will happen if Certificates on ASA box expired

If you use certificate to authenticate the vpn client or for site-to-site vpn authentication, with expired certificate, authentication will not work, and you won't be able to establish the VPN tunnel.

You would need to renew the certificate.

New Member

Re: What will happen if Certificates on ASA box expired

Hi halijenn ,

Thank you very much for your answer! Anyway can you leads me to some doc then I can read more

    

Cisco Employee

Re: What will happen if Certificates on ASA box expired

Since authentication is done via the certificate for remote vpn client and lan-to-lan, if the certificate has expired, it will not able to authenticate, hence, they won't be able to connect. Just like if a password has expired, you were not able to authenticate anymore, hence can't connect through vpn.

Here is a sample configuration on how to renew a certificate:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809fcf91.shtml

The sample configuration is on how to renew SSL certificate, but the concept is the same for any certificate renewal.

3959
Views
0
Helpful
3
Replies
CreatePlease to create content