https://community.cisco.com/t5/network-security/asa-cx-decryption-certificate/m-p/2397194#M309186 <HTML><HEAD></HEAD><BODY><P>I did that, but it throws an error about needing to be an intermediate certificate authority. </P></BODY></HTML> Tue, 12 Nov 2013 02:09:01 GMT cabell911 2013-11-12T02:09:01Z https://community.cisco.com/t5/network-security/asa-cx-decryption-certificate/m-p/2397192#M309184 <P>I'm stuck on the requirement to have an intermediate certificate for decryption. I have a certificate assigned to the ASA from a commercial CA for SSL VPN purposes; could I use that? Concerning the private key, is that what's contained in the initial cert request I made to the CA? Any help/advice is appreciated.</P><P></P><P>John</P> Tue, 12 Mar 2019 03:03:19 GMT https://community.cisco.com/t5/network-security/asa-cx-decryption-certificate/m-p/2397192#M309184 cabell911 2019-03-12T03:03:19Z https://community.cisco.com/t5/network-security/asa-cx-decryption-certificate/m-p/2397193#M309185 <HTML><HEAD></HEAD><BODY><P>I would say you would need to convert your existing certificate to Base-64 format.&nbsp; You may need to save the certificate in .cer extension, but I do believe you can rename it to .pem.</P><P></P><P>You may also look for OpenSSL - I think you can also use it to convert the certificate.</P></BODY></HTML> Tue, 12 Nov 2013 01:46:56 GMT https://community.cisco.com/t5/network-security/asa-cx-decryption-certificate/m-p/2397193#M309185 INSYSGROUP 2013-11-12T01:46:56Z https://community.cisco.com/t5/network-security/asa-cx-decryption-certificate/m-p/2397194#M309186 <HTML><HEAD></HEAD><BODY><P>I did that, but it throws an error about needing to be an intermediate certificate authority. </P></BODY></HTML> Tue, 12 Nov 2013 02:09:01 GMT https://community.cisco.com/t5/network-security/asa-cx-decryption-certificate/m-p/2397194#M309186 cabell911 2013-11-12T02:09:01Z