Solved: Generate a Sha1 CSR on a ASA5520 8.2.1

philipeddies · ‎11-25-2013

I am tring to get an SSL certificate on my ASA to use with AnyConnect when I generate the "cerificate signing reequest", the asa hashes it with MD5 not SHA1 and the provider I am purchasing my public SSL certificate from will only allow SHA1 CSR's

The code on my asa is fairly old now version 8.2.1, is there anyway I can generate the csr in sha1 format without upgrading the ios on my asa?

Marius Gunnerud · ‎11-28-2013

This is a limitation (or weakness) in earlier versions of the ASA and although it is not a bug, a bug report has been created to fix this issue. You need to upgrade to 8.2(2) or higher to solve your issue. Here is a link to the bug report:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsw88068

--

Please rate all helpful posts and remember to select a correct answer

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

Marius Gunnerud · ‎11-28-2013

This is a limitation (or weakness) in earlier versions of the ASA and although it is not a bug, a bug report has been created to fix this issue. You need to upgrade to 8.2(2) or higher to solve your issue. Here is a link to the bug report:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsw88068

--

Please rate all helpful posts and remember to select a correct answer

--
Please remember to select a correct answer and rate helpful posts