https on pix and asa - cert expired

keller.oliver — Mon, 11 Mar 2019 18:40:08 GMT

The https certificate of one of our pix firewalls has expired, so I wondered how to refresh it.

I tried everything from generating new key pairs to zeroizing every key I could grab and generate new ones, disabling and enabling the http server in between, so in theory it should start with a new cert.

however, deleting installed certs and clearing the cache of the browser didn´t help much, all the client sees is the expired cert, which I suspect to be the cert the pix is still delivering.

can someone share some light on how the https demon is actually related to the key pairs and what you need to do in order to refresh an expired cert on a pix 7.05 ?

tia,

oliver

Re: https on pix and asa - cert expired

Marcin Latosiewicz — Tue, 14 Sep 2010 16:26:00 GMT

Oliver,

7.0.5 is ancient 🙂

I believe the exact check that is done is if certificate exists.

care to share your "show run crypto ca trust" "show cry ca cert" outputs?

Marcin

topic Re: https on pix and asa - cert expired in Network Security

https on pix and asa - cert expired

Re: https on pix and asa - cert expired