01-26-2010 07:16 AM - edited 03-11-2019 10:01 AM
I'm setting up an anyconnect vpn connection. I see that I need to create
a ssl key for this. It uses the same command to generate an ssh key.
Will the newly generated key replace the existing key? If it does is there any impact outside of the ssh keys on my clients clamoring about the key change?
What will happen if I end up getting a 'real' cert through verisign, etc? Will those replace the ssl key?
Thanks!
-Jeff
Solved! Go to Solution.
02-03-2010 01:21 PM
Jeff, RSA keys are not the same as SSL certs which Anyconnect uses, however any cert (SSL or ID) relies on keys since these are the public and private keys that are shared during the connection, generating a new RSA key with the default form of the command will re create any existing key wiping out current SSH keys, however if you name the RSA key you are about to create and call this key from within the trustpoint that you use to generate the SSL certificate will not cause any problems with the pre existing keys.
As for your other question if you get a "real" SSL cert you would typically need to generate a CSR (Certificate Signing Request) which will generate a new RSA Key.
02-03-2010 01:21 PM
Jeff, RSA keys are not the same as SSL certs which Anyconnect uses, however any cert (SSL or ID) relies on keys since these are the public and private keys that are shared during the connection, generating a new RSA key with the default form of the command will re create any existing key wiping out current SSH keys, however if you name the RSA key you are about to create and call this key from within the trustpoint that you use to generate the SSL certificate will not cause any problems with the pre existing keys.
As for your other question if you get a "real" SSL cert you would typically need to generate a CSR (Certificate Signing Request) which will generate a new RSA Key.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide