https://community.cisco.com/t5/network-security/asa-upgrade-local-ca-server-issue/m-p/2447904#M267728 <P>Is it the client cert. trust check the ASA version?</P> Wed, 09 Apr 2014 23:30:45 GMT Chi Fai Leung 2014-04-09T23:30:45Z https://community.cisco.com/t5/network-security/asa-upgrade-local-ca-server-issue/m-p/2447903#M267727 <P>Hi All Security Experts,</P><P>&nbsp;</P><P>I upgraded a ASA firewall using the 8.6(1) version with the LOCAL_CA_SERVER, which is for the VPN clients, e.g. one time auth cert deployment, revoking.</P><P>&nbsp;</P><P><SPAN style="color: rgb(80, 80, 80); font-family: verdana; font-size: 15px; line-height: 18.563480377197266px;">Unfortunately, I have to upgrade the version to 9.1 or above, because I hit a bug. I discovered the LOCAL_CA_SERVER of the ASA is working, but the clients' cert. will be untrusted and the certed users will have to enter the username &amp; password again to get the cert.</SPAN></P><P>&nbsp;</P><P><FONT color="#505050" face="verdana"><SPAN style="font-size: 15px; line-height: 18.563480377197266px;">Why need to do that? I checked the trust points, the local certs, the db on local CA server .... all is matched as the b4 version. Why the b4 deployed clients' cert. will be untrusted? Any idea on that? Thanks!</SPAN></FONT></P> Tue, 12 Mar 2019 04:02:54 GMT https://community.cisco.com/t5/network-security/asa-upgrade-local-ca-server-issue/m-p/2447903#M267727 Chi Fai Leung 2019-03-12T04:02:54Z https://community.cisco.com/t5/network-security/asa-upgrade-local-ca-server-issue/m-p/2447904#M267728 <P>Is it the client cert. trust check the ASA version?</P> Wed, 09 Apr 2014 23:30:45 GMT https://community.cisco.com/t5/network-security/asa-upgrade-local-ca-server-issue/m-p/2447904#M267728 Chi Fai Leung 2014-04-09T23:30:45Z