Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1792
Views
0
Helpful
2
Replies

ASDM 7.8 CA Certificate & Associated Trustpoints

Go to solution
IT-LDI
Level 1
Level 1

‎04-04-2019 01:15 PM - edited ‎04-04-2019 01:34 PM

I had to request a new certificate package from our provider to reinstall the Identity certificate. I thought it would be best to load the CA certificate that came along with the package and when I did, it it successfully added it but it shows the certificate installed with (2) Trustpoints. Trustpoint0 and Trustpoint3.

My question is how can I remove the earlier Trustpoint0? Is there a way to do this, or does it not matter?

 

Thank you,

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎04-04-2019 02:02 PM

Its not going to create a problem, you can leave it as is if you wanted. I assume that the same CA issued your old Certs as well. They might have been installed in Trustpoint 0 before, but now also installed inside Trustpoint3 with the new import. My recommendation would be remove the old trustpoints if the cert has expired and not in use. See steps below:

 

asa(config)# no crypto ca trustpoint ASDM_TrustPoint0
WARNING: Removing an enrolled trustpoint will destroy all 
certificates received from the related Certificate Authority.

Are you sure you want to do this? [yes/no]: yes
INFO: Be sure to ask the CA administrator to revoke your certificates.
homelab-asa(config)#

View solution in original post

0 Helpful

Go to solution
IT-LDI
Level 1
Level 1
In response to Rahul Govindan

‎04-04-2019 04:03 PM

I will just leave it as it is to avoid anymore issues since it's not causing any problems.

I really appreciate your help!

 

Thank you,

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎04-04-2019 02:02 PM

Its not going to create a problem, you can leave it as is if you wanted. I assume that the same CA issued your old Certs as well. They might have been installed in Trustpoint 0 before, but now also installed inside Trustpoint3 with the new import. My recommendation would be remove the old trustpoints if the cert has expired and not in use. See steps below:

 

asa(config)# no crypto ca trustpoint ASDM_TrustPoint0
WARNING: Removing an enrolled trustpoint will destroy all 
certificates received from the related Certificate Authority.

Are you sure you want to do this? [yes/no]: yes
INFO: Be sure to ask the CA administrator to revoke your certificates.
homelab-asa(config)#
0 Helpful

Go to solution
IT-LDI
Level 1
Level 1
In response to Rahul Govindan

‎04-04-2019 04:03 PM

I will just leave it as it is to avoid anymore issues since it's not causing any problems.

I really appreciate your help!

 

Thank you,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card