03-12-2024 09:06 AM
Has anyone ran into the issue where logging into ASDM for a Cisco ASA 5516-X give the following error:
"The certificate present in this device is not valid. Certificate date is Expired or not valid as per current date"
How could we renew the certificate and is this cert a self-sign cert?
Thank you
03-12-2024 11:05 AM
what is the version of ASA code and ASDM Version ?
is this worked before ?
check the certs renewal :
03-14-2024 08:31 AM
Hi Balaji,
Cisco Adaptive Security Appliance Software Version 9.16(4)18
SSP Operating System Version 2.10(1.248)
Device Manager Version 7.20(2)
This has worked before so it is kinda random that it just stopped working. I am starting to find forums that says version 7.20(2) ASDM is causing this issue.
03-14-2024 09:26 AM
but sure if you think that is the lower the ASDM to 7.18 and check
https://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html#reference_upj_nkl_x4b
11-04-2024 07:14 AM
Hello,
I have a customer with the same issue on ASDM 7.20(2). Did you try to revert back to an older version?
Thanks
/Chess
03-14-2024 08:35 AM
10-26-2024 04:45 AM
Just add in Java security tab https://ip_address_asa
05-28-2025 01:01 AM
I had the same issue, after setting up a recycled lab ASA...
First, check the time of the ASA, and configure NTP or set at least the time manually (probably one day in the past, just to make sure you don't get any issues with time zone, and the certificate will be ready)..
show clock
! if not set correctly, properly with NTP...
clock timezone UTC +1
clock summer-time UTC+2 recurring last Sun Mar 2:00 last Sun Oct 3:00
!
ntp server YOURNTPSERVERIP source inside prefer
! or simply quick and dirty.. set the clock manually
clock set 09:40:00 27 May 2025
Then, create a self signed certificate and assign it to the management interface
crypto key generate rsa label MYSSLKEYPAIR modulus 4096
crypto ca trustpoint MYCERT
enroll self
fqdn myasa.domain.local
subject-name CN=myasa.domain.local
keypair MYSSLKEYPAIR
crypto ca enroll MYCERT noconfirm
ssl trust-point MYCERT mgmt
!(mgmt is the nameif of my Management Interface)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide