04-04-2019 01:15 PM - edited 04-04-2019 01:34 PM
I had to request a new certificate package from our provider to reinstall the Identity certificate. I thought it would be best to load the CA certificate that came along with the package and when I did, it it successfully added it but it shows the certificate installed with (2) Trustpoints. Trustpoint0 and Trustpoint3.
My question is how can I remove the earlier Trustpoint0? Is there a way to do this, or does it not matter?
Thank you,
Solved! Go to Solution.
04-04-2019 02:02 PM
Its not going to create a problem, you can leave it as is if you wanted. I assume that the same CA issued your old Certs as well. They might have been installed in Trustpoint 0 before, but now also installed inside Trustpoint3 with the new import. My recommendation would be remove the old trustpoints if the cert has expired and not in use. See steps below:
asa(config)# no crypto ca trustpoint ASDM_TrustPoint0 WARNING: Removing an enrolled trustpoint will destroy all certificates received from the related Certificate Authority. Are you sure you want to do this? [yes/no]: yes INFO: Be sure to ask the CA administrator to revoke your certificates. homelab-asa(config)#
04-04-2019 04:03 PM
I will just leave it as it is to avoid anymore issues since it's not causing any problems.
I really appreciate your help!
Thank you,
04-04-2019 02:02 PM
Its not going to create a problem, you can leave it as is if you wanted. I assume that the same CA issued your old Certs as well. They might have been installed in Trustpoint 0 before, but now also installed inside Trustpoint3 with the new import. My recommendation would be remove the old trustpoints if the cert has expired and not in use. See steps below:
asa(config)# no crypto ca trustpoint ASDM_TrustPoint0 WARNING: Removing an enrolled trustpoint will destroy all certificates received from the related Certificate Authority. Are you sure you want to do this? [yes/no]: yes INFO: Be sure to ask the CA administrator to revoke your certificates. homelab-asa(config)#
04-04-2019 04:03 PM
I will just leave it as it is to avoid anymore issues since it's not causing any problems.
I really appreciate your help!
Thank you,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide