
ASA Certs and Trustpoints

Craddockc
Level 3

Community,

 

I am trying to delete an identity cert in my ASA that is expired. However, when I try, the ASA states that the Trustpoint "is in use" and thus is not allowing me to. Upon further investigation I found that one of the CA Certs is tied to the Trustpoint in question. I cannot see any way to change the Trustpoint. My questions are these:

 

1) What exactly is a Trustpoint?

2) Can I just remove the CA Cert? I don't think the ASA is using the CA Certs to auth the clients that connect to the Firewall using AnyConnect, is it? From what I understand, the ASA presents the ID Cert to the client machine as proof of a trusted connection. I'm not exactly sure of the use case for a CA cert if the firewall isn't having to trust any certs presented to it.

 

Any help you can provide would be swell,

 

Thanks.