topic Re: Generating computer certificates from Firepower 1010 in Network Security

Generating computer certificates from Firepower 1010

ABaker94985 — Mon, 09 Aug 2021 14:13:33 GMT

We have a FPR 1010 running 6.7 and is managed by FDM that we'd like to use computer certificates for authenticating AnyConnect users. I see it's possible to create an internal CA, but is it possible to create a computer certificate to be used by the AnyConnect client computers? Thank you

Re: Generating computer certificates from Firepower 1010

Rob Ingram — Mon, 09 Aug 2021 14:16:55 GMT

@ABaker94985

You can either use Windows AD to create and distribute the certificates to the computers using GPO or use OpenSSL to generate a certificate manually. In either scenario the FTD must trust the certificate that issued the certificate to the client.

Re: Generating computer certificates from Firepower 1010

ABaker94985 — Mon, 09 Aug 2021 14:30:09 GMT

I suspected this would be the case but wasn't sure. Thanks for the fast response.