I am trying to delete an identity cert in my ASA that is expired. However, when I try, the ASA states that the Trustpoint "is in use" and thus is not allowing me to. Upon further investigation, I found that one of the CA Certs is tied to the Trustpoint in question. I cannot see any way to change the Trustpoint. My questions are these:
1) What exactly is a Trustpoint?
2) Can I just remove the CA Cert? I don't think the ASA is using the CA Certs to auth the clients that connect to the Firewall using AnyConnect, is it? From what I understand, the ASA presents the ID Cert to the client machine as proof of a trusted connection. I'm not exactly sure of the use case for a CA cert if the firewall isn't having to trust any certs presented to it.
Any help you can provide would be swell,