FWSM - FQDN (alternate name) - need IP AND DNS hostname, is this supported?
On the FWSM I am trying to register a cert with a CA with an IP Address AND hostname, I can register fine using either an IP address or DNS hostname, but can't do both,
ciscoasa(config-ca-trustpoint)# fqdn test,220.127.116.11
ERROR: Invalid domain name specified.
Name labels can only contain letters, digits or hypthens.
According to RFC 2459 I should be able to add more than one...
18.104.22.168 Subject Alternative Name
The subject alternative names extension allows additional identities to be bound to the subject of the certificate. Defined options include an Internet electronic mail address, a DNS name, an IP address, and a uniform resource identifier (URI). Other options exist, including completely local definitions. Multiple name forms, and multiple instances of each name form, may be included.
Can anyone tell me if it's only possible to add a single alternative name?
with the ASA you can't do this , please see the following :
CSCso70867 ASA doesn't support SAN attributes for the enrollment request
the ASA will allow you to add the SAN to the CSR using the FQDN , but it still doesn't support multiple SAN , you can consider generating the CSR outbound using some CA that allows the use of multiple SAN.
as far as i know this can't be done on the FWSM also .
The purpose of this document is to demonstrate how ISE authenticate / authorize a user that uses a smart card (PIN + Certificate) and password mechanism to login their system. This document describes the components used for this setup, configuration of IS...
For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b...
Automation and programmability for networking and security are increasingly important topics. Every release since ISE 1.2 has included new REST API capabilities to better automate and integrate ISE with the rest of your network, appli...
The latest iteration (v2.3.4) of the Cisco Secure Firewall Migration Tool adds public beta support for S2S VPN migrations from ASA:
Policy-based (crypto map) Pre-Shared key authentication type VPN configuration to Firepower Management Center
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...