Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4804
Views
0
Helpful
7
Replies

ASDM Certificate Issue

jhnet
Level 1
Level 1

‎03-12-2024 09:06 AM

Has anyone ran into the issue where logging into ASDM for a Cisco ASA 5516-X give the following error:
"The certificate present in this device is not valid. Certificate date is Expired or not valid as per current date"

How could we renew the certificate and is this cert a self-sign cert?


Thank you

3 people had this problem
0 Helpful
7 Replies 7

balaji.bandi
Hall of Fame
Hall of Fame

‎03-12-2024 11:05 AM

what is the version of ASA code and ASDM Version ?

is this worked before ?

check the certs renewal :

https://www.cisco.com/c/en/us/support/docs/security/vpn-client-tools/220395-install-and-renew-certificates-on-asa-ma.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

jhnet
Level 1
Level 1
In response to balaji.bandi

‎03-14-2024 08:31 AM

Hi Balaji,

Cisco Adaptive Security Appliance Software Version 9.16(4)18
SSP Operating System Version 2.10(1.248)
Device Manager Version 7.20(2)

This has worked before so it is kinda random that it just stopped working. I am starting to find forums that says version 7.20(2) ASDM is causing this issue.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to jhnet

‎03-14-2024 09:26 AM

but sure if you think that is the lower the ASDM to 7.18 and check

https://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html#reference_upj_nkl_x4b

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Chess Norris
Level 4
Level 4
In response to jhnet

‎11-04-2024 07:14 AM

Hello,

I have a customer with the same issue on ASDM 7.20(2). Did you try to revert back to an older version?

Thanks

/Chess

0 Helpful

tomasz.gluszko
Level 1
Level 1

‎10-26-2024 04:45 AM

Just add in Java security tab https://ip_address_asa

0 Helpful

miso-ch
Level 1
Level 1

‎05-28-2025 01:01 AM

I had the same issue, after setting up a recycled lab ASA...

First, check the time of the ASA, and configure NTP or set at least the time manually (probably one day in the past, just to make sure you don't get any issues with time zone, and the certificate will be ready)..

show clock

! if not set correctly, properly with NTP...
clock timezone UTC +1
clock summer-time UTC+2 recurring last Sun Mar 2:00 last Sun Oct 3:00
!
ntp server YOURNTPSERVERIP source inside prefer

! or simply quick and dirty.. set the clock manually
clock set 09:40:00 27 May 2025

 

Then, create a self signed certificate and assign it to the management interface

crypto key generate rsa label MYSSLKEYPAIR modulus 4096
crypto ca trustpoint MYCERT
  enroll self
  fqdn myasa.domain.local
  subject-name CN=myasa.domain.local
  keypair MYSSLKEYPAIR
crypto ca enroll MYCERT noconfirm
ssl trust-point MYCERT mgmt

!(mgmt is the nameif of my Management Interface)

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card