cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


323
Views
5
Helpful
3
Replies
Highlighted
Beginner

Associated Trustpoints question when installing identity certificate via ASDM

Hi everyone

 

Im upgrading the firewall hardware. I saved the identity certificates from the old firewall and then I took a screenshot of the ASDM which has the identity certificate information. 

 

I then realised that one of the certificates has more than one associated trustpoint in the screenshot. I can see one trustpoint then a comma and then i cant completely read the second associated trustpoint. 

 

I no longer have access to the ASDM but i can get hold of the config file. I want to try to add the identity certifiacte via the ASDM as i'm more comfortable with it. 

 

My question is, is there any way i can find out what the second associated trustpoint is from the config file? If i can, is it possible to just add the ID cert via ASDM by entering the certificate name as the two associated trustpoints separated by a comma? 

 

thanks 

3 REPLIES 3
VIP Advisor

Re: Associated Trustpoints question when installing identity certificate via ASDM

what are you using the certs for? just for ASDM? 

 

also, exporting the cert is not enough, you will need to export the private and public RSA keys as well.

 

imho, you will ne better off generating new keys and subsequent cers

Please remember to rate useful posts, by clicking on the stars below.

Beginner

Re: Associated Trustpoints question when installing identity certificate via ASDM

Hi Dennis

 

When you save the identity certificate from the old firewall isnt the rsa key included?

 

the certificate will be used for remote access vpn

 

 

thanks

 

 

VIP Advisor

Re: Associated Trustpoints question when installing identity certificate via ASDM

NO, saving a cert is not the same as saving key, those are two distinctly different things.

 

however,

 

try this:

 

https://www.fragmentationneeded.net/2015/04/exporting-rsa-keys-from-cisco-asa.html

 

the PKCS does include the private key.

Please remember to rate useful posts, by clicking on the stars below.

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here