cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5725
Views
0
Helpful
3
Replies

ASA view user certificates expiry date

o.melnikov
Level 1
Level 1

Hello!

There is ASA with remote access VPN and users are authenticated using third party signed certificates (CA is not local in ASA).

When user certificate expires i can see it in syslog messages. For example:

     %ASA-3-717009: Certificate validation failed. Certificate date is out-of-range, serial number: (...)

I would like to know if there is an opportunity to view user's certificate expiry date beforehand, say, 3 days before?

Thank you!

1 Accepted Solution

Accepted Solutions

Herbert Baerten
Cisco Employee
Cisco Employee

Hi Oleg,

the user should get a warning when his certificate is about to expire, but on the ASA you cannot detect this, sorry.

hth

Herbert

View solution in original post

3 Replies 3

Herbert Baerten
Cisco Employee
Cisco Employee

Hi Oleg,

the user should get a warning when his certificate is about to expire, but on the ASA you cannot detect this, sorry.

hth

Herbert

Hi Herbert!

Thank you!

The following enhancement requests have been filed for this though:

CSCeh73797, CSCsk86689, CSCsy90223. If you have a cisco accounts team you should follow up with them regarding these enhancements.