We are trying to generate certificates on Cisco ASA 5545. ASA Version 9.4(4)32 ASDM Version 7.12(1)
The issue is when we are going through: Configuration>Certificate Management>Identity Certificates>Add
We select the Add a new identity certificate radio button. At key pair, we select new. At key type, RSA is selected and we use 2048 as our size. When we select add certificate, it generates a SHA-1 certificate. This is no good...
The problem is we need a SHA-256 certificate. Currently, we are having to use OpenSSL to regenerate a SHA-256 key. It seems as though there should be a way to generate a SHA-256 certificate as a default within ASDM.
What am I missing?
Unfortunately ASDM doesn't give you this option, even with the latest release.
You have to use a third party tool to generate the CSR. Personally I prefer XCA (a free GUI-based certificate management tool)
ASA enhancement bug below:
Not yet fixed.