Solved: ASA Firewall CA Certificate vs. Idenity Certificate

gamoore · ‎02-13-2016

In the context of the Cisco ASA Firewall, what's the difference between a "CA Certificate" and an "Identity Certificate?"

Dinesh Moudgil · ‎02-13-2016

Hi gamoore,

CA certificate is the identity of the root certification authority which provides you the certificate.
On the contrary, Identity certificate is your identity which you can use within PKI infrastructure.

In essence, when you request certification authority (liek GoDaddy.Verisign etc) to provide you a certificate, they issue a certificate to you. That certificate is called Identity certificate which is signed/authorized by that a certificate which is called CA certificate

Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

View solution in original post

Dinesh Moudgil · ‎02-13-2016

Hi gamoore,

CA certificate is the identity of the root certification authority which provides you the certificate.
On the contrary, Identity certificate is your identity which you can use within PKI infrastructure.

In essence, when you request certification authority (liek GoDaddy.Verisign etc) to provide you a certificate, they issue a certificate to you. That certificate is called Identity certificate which is signed/authorized by that a certificate which is called CA certificate

Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

Guorong Kelvin Wang · ‎08-31-2016

Just an additional question to it, so in terms of application wise, do we need both CA cert and Identity cert for VPN to function?

regards,

Kelvin