01-24-2014 02:38 AM - edited 03-11-2019 08:35 PM
Hi all
Who knows where the ceritifcate on the ASA can be edited/deleted/renewed which is responsible for the access via ASDM? With the "show crypto key mypubkey rsa" I get all certificates, but none matches with the modulus I can see when I access the ASA with a webbroser to https://asa-name
Thank you
Markus
01-24-2014 04:38 AM
Hello Markus,
This is a Self-Signed Certificate that is created every single time the ASA reboots.
You can make it permanent altough.
Its show crypto ca trustpoints to see the one available and then you can modify as needed.
You can configure it manually and also enable it on the right interface with the command ssl trustpoint "name" name_if
Looking for some Networking Assistance?
Contact me directly at jcarvaja@laguiadelnetworking.com
I will fix your problem ASAP.
Cheers,
Julio Carvajal Segura
http://laguiadelnetworking.com
01-24-2014 06:22 AM
Hi,
In ASDM, go to Configuration > Device Managment > Certificate Management.
Sent from Cisco Technical Support iPhone App
01-24-2014 06:46 AM
Thanks guys for your quick reply.
The point is that when I check the certificates with "show crypto ca certificates", none of these certificates has the serial number which I can see when I connect with the browser. So I still was not able to find the certificate with this serial number on the ASA.
I also have three trustpoints configured for the ASDM: ASDM_TrustPoint0, hostname-Trustpoint and ASDM_TrustPoint. For the ASDM_Trustpoint, I generated a new self-signed certificate, so this is also what I can see. But the connection with the browser don't show me this certificate from the trustpoint ASDM_TrustPoint.
So which Trustpoint now is responsible to provide the certificate for the browser session? Of course I can delete them?
Thanks
Markus
01-24-2014 07:39 AM
Hey you still need to set the one you plan to use
ssl trustpoint name outside
Looking for some Networking Assistance?
Contact me directly at jcarvaja@laguiadelnetworking.com
I will fix your problem ASAP.
Cheers,
Julio Carvajal Segura
http://laguiadelnetworking.com
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide