09-17-2015 12:58 PM - edited 02-21-2020 05:35 AM
Hi
I am getting to grips with certificates. So if I have installed for example Cisco ASA, Prime, ACS etc, when I try to connect to the server via HTTPS, I usually would get a security warning that the server is not trusted. What can I do in terms of setting up a certificate so that it is trusted.
Can I use a self generated cert for this purpose.
Thanks
Solved! Go to Solution.
09-17-2015 03:57 PM
You can trust self-signed certificates. The process can be a bit laborious. You need to start by making sure your server private key is strong (2048-bits).
Then when you generate the certificate the host name and domain name should match the DNS FQDN you will be using. Otherwise most browsers will complain that the certificate Common Name (CN) doesn't match the FQDN even if you trust the certificate.
Finally you need to download and import the certificate into your client computer's Trusted Root Certificate Store.
You can also use third party (i.e. public CA) signed certificates that you purchase. Some organizations purchase a wildcard certificate that can be used on any number of internal servers. I did the latter for a Prime Infrastructure server and documented how to in this posting.
09-17-2015 03:57 PM
You can trust self-signed certificates. The process can be a bit laborious. You need to start by making sure your server private key is strong (2048-bits).
Then when you generate the certificate the host name and domain name should match the DNS FQDN you will be using. Otherwise most browsers will complain that the certificate Common Name (CN) doesn't match the FQDN even if you trust the certificate.
Finally you need to download and import the certificate into your client computer's Trusted Root Certificate Store.
You can also use third party (i.e. public CA) signed certificates that you purchase. Some organizations purchase a wildcard certificate that can be used on any number of internal servers. I did the latter for a Prime Infrastructure server and documented how to in this posting.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide