cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
309
Views
0
Helpful
1
Replies
Beginner

Can't Access Web Sites after applying SSL Policy

I have internal CA and ASA with firepower services.

After I applied SSL policy (decrypt- resign) I have a certificate issue.

I need your advise. I think I have an issue in firepower certificate. How do i configure the firepower to decrypt the traffic using my own CA?

 

 

1 REPLY
Highlighted
Hall of Fame Master

Re: Can't Access Web Sites after applying SSL Policy

Is the certificate you are using for Firepower configured as a "certificate-issuing-certificate"?

 

This would need to be specified in the template used by the CA when signing the certificate it issues to the FMC. A standard web server certificate (even if the issuing CA is trusted) will not suffice to allow Firepower to masquerade as the destination site when proxying the SSL traffic. 

CreatePlease to create content
Ask the Expert- Firepower configuration & troubleshooting