Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2613
Views
0
Helpful
0
Replies

Can't delete ASA old certificates from chain

B1r070
Level 1
Level 1

‎10-12-2016 04:29 AM - edited ‎03-12-2019 01:23 AM

Hi,

today I renewed a certificate for the ASA's WEB-VPN and I wanted to remove the old one.

I followed the advice found in this link https://supportforums.cisco.com/discussion/12529666/delete-certificates-cisco-asa and I run the command "no certificate {Hex-Data}" to specify the old certificate:

ASA(config-ca-trustpoint)# crypto ca certificate chain {Trust-Point}
ASA(config-cert-chain)# no certificate {hex-data Certificate Serial Number}
Are you sure you want to remove the certificate? [yes/no]: yes
INFO: The certificate has been deleted/unassociated for trustpoint
ASA(config-cert-chain)

It deleted instead the new certificate ignoring the S/N!

is there a way to delete the old without recreating the trust point?

P.S.: I am a quite frustrated that a simple thing to do on any other device, like enrolling or renewing the certificates, Cisco makes so contorted.

For the advice I found I can only be very grateful to the users of this community that have shared their endeavor so far.

Thanks

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card