https://community.cisco.com/t5/network-security/asdm-certificate-validation-failuer/m-p/2085069#M395486 <HTML><HEAD></HEAD><BODY><P>It's not only the clock that has to be in sync. To connect to the ASDM without a certificate-warning you also have to:</P><P></P><P>- Use the FQDN or IP that is in the certificate</P><P>- Trust that certificate. If it is self-signed then import it into the trusted root store, If it is from your CA, then import the root-cert into your trusted root-store.</P><P></P><P>To investigate that further, please show the output of "show crypto ca certificate".</P><P></P><P></P><P>--&nbsp; <BR />Don't stop after you've improved your network! Improve the world by lending money to the working poor: <BR /><A class="jive-link-external-small" href="http://www.kiva.org/invitedby/karsteni">http://www.kiva.org/invitedby/karsteni</A></P></BODY></HTML> Fri, 16 Nov 2012 10:06:18 GMT Karsten Iwen 2012-11-16T10:06:18Z https://community.cisco.com/t5/network-security/asdm-certificate-validation-failuer/m-p/2085068#M395485 <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; hi,</P><P></P><P>I am trying to access my firewall using ASDM but it is giving me an error 'Certificate Validation Failure'</P><P></P><P>I have manually set a clock on the firewall to match with the machine from where I am trying to access FW using ASDM</P><P></P><P>ASA version is 8.2 (2) &amp; ASDM version is 7.0</P><P>I get same error message with ASDM 6.4</P> Tue, 12 Mar 2019 00:24:18 GMT https://community.cisco.com/t5/network-security/asdm-certificate-validation-failuer/m-p/2085068#M395485 central_bank 2019-03-12T00:24:18Z https://community.cisco.com/t5/network-security/asdm-certificate-validation-failuer/m-p/2085069#M395486 <HTML><HEAD></HEAD><BODY><P>It's not only the clock that has to be in sync. To connect to the ASDM without a certificate-warning you also have to:</P><P></P><P>- Use the FQDN or IP that is in the certificate</P><P>- Trust that certificate. If it is self-signed then import it into the trusted root store, If it is from your CA, then import the root-cert into your trusted root-store.</P><P></P><P>To investigate that further, please show the output of "show crypto ca certificate".</P><P></P><P></P><P>--&nbsp; <BR />Don't stop after you've improved your network! Improve the world by lending money to the working poor: <BR /><A class="jive-link-external-small" href="http://www.kiva.org/invitedby/karsteni">http://www.kiva.org/invitedby/karsteni</A></P></BODY></HTML> Fri, 16 Nov 2012 10:06:18 GMT https://community.cisco.com/t5/network-security/asdm-certificate-validation-failuer/m-p/2085069#M395486 Karsten Iwen 2012-11-16T10:06:18Z https://community.cisco.com/t5/network-security/asdm-certificate-validation-failuer/m-p/2085070#M395487 <HTML><HEAD></HEAD><BODY><P> The output of sh crypto ca certificate is blank.</P></BODY></HTML> Fri, 16 Nov 2012 10:41:40 GMT https://community.cisco.com/t5/network-security/asdm-certificate-validation-failuer/m-p/2085070#M395487 central_bank 2012-11-16T10:41:40Z https://community.cisco.com/t5/network-security/asdm-certificate-validation-failuer/m-p/2085071#M395488 <HTML><HEAD></HEAD><BODY><P>The easiest way to get ASDM-Access should be with the setup-command. Accept everything that is preconfigured correctly and add all that is missing (i.g. the host that runs the ASDM).</P><P></P><P></P><P>--&nbsp; <BR />Don't stop after you've improved your network! Improve the world by lending money to the working poor: <BR /><A class="jive-link-external-small" href="http://www.kiva.org/invitedby/karsteni">http://www.kiva.org/invitedby/karsteni</A></P></BODY></HTML> Fri, 16 Nov 2012 10:51:47 GMT https://community.cisco.com/t5/network-security/asdm-certificate-validation-failuer/m-p/2085071#M395488 Karsten Iwen 2012-11-16T10:51:47Z