https://community.cisco.com/t5/network-security/ssl-certificate-cannot-be-trusted-on-hosts/m-p/4056297#M1068517 <P>&nbsp; I was just able to get vulnerability scanning for a vFMC suite with 2110's started and it's calling out the SSL Certificate cannot be trusted.&nbsp; This and a few others relating to the same thing.</P><P>&nbsp; The FMC has a valid certificate, but the scans are picking it up on the two FTD 2110 hosts.&nbsp; During build out and hardening I read something that you can't add a cert to a host that is managed by an FMC.</P><P>&nbsp; Is this true or can we generate a CSR and upload a valid cert to each device in the cluster?</P> Tue, 31 Mar 2020 21:02:56 GMT dewey89 2020-03-31T21:02:56Z https://community.cisco.com/t5/network-security/ssl-certificate-cannot-be-trusted-on-hosts/m-p/4056297#M1068517 <P>&nbsp; I was just able to get vulnerability scanning for a vFMC suite with 2110's started and it's calling out the SSL Certificate cannot be trusted.&nbsp; This and a few others relating to the same thing.</P><P>&nbsp; The FMC has a valid certificate, but the scans are picking it up on the two FTD 2110 hosts.&nbsp; During build out and hardening I read something that you can't add a cert to a host that is managed by an FMC.</P><P>&nbsp; Is this true or can we generate a CSR and upload a valid cert to each device in the cluster?</P> Tue, 31 Mar 2020 21:02:56 GMT https://community.cisco.com/t5/network-security/ssl-certificate-cannot-be-trusted-on-hosts/m-p/4056297#M1068517 dewey89 2020-03-31T21:02:56Z https://community.cisco.com/t5/network-security/ssl-certificate-cannot-be-trusted-on-hosts/m-p/4056298#M1068518 <P>Is there a way that the hosts can leverage the SSL certs from the FMC?</P> Tue, 31 Mar 2020 21:04:47 GMT https://community.cisco.com/t5/network-security/ssl-certificate-cannot-be-trusted-on-hosts/m-p/4056298#M1068518 dewey89 2020-03-31T21:04:47Z