cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
853
Views
4
Helpful
8
Replies

How to renew the selfsigned CA-Certificate at the ASA-Firepower modul?

u.drechsel
Level 1
Level 1

Hello together,

we've the problem, that the tunnel communication between ASA 5585-x Firepower modul and FMC is broken, because a certificate is expired. The tunnel certificate is valid till the year 2026. But the self signed CA-Certificate is expired:

Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha1WithRSAEncryption
Issuer: title=InternalCA, OU=Intrusion Management System, CN=0fdaa31a-0a80-11e5-9396-8729bd1128ad, O=Sourcefire, Inc.
Validity
Not Before: Jun 12 21:41:01 2014 GMT
Not After : Jun 9 21:41:01 2024 GMT
Subject: title=InternalCA, OU=Intrusion Management System, CN=0fdaa31a-0a80-11e5-9396-8729bd1128ad, O=Sourcefire, Inc.

Yes, I know, the ASA 5585-x is meanwhile without service, so I don't have TAC-support. But the new firewall aren't ready to work yet. So the old one must stay alive till migration.

 

Does anybody know a solution to renew the CA-Certificate via cli (without FMC)?

 

Thanks in advance

hopeful

Uwe

8 Replies 8

Marvin Rhoads
Hall of Fame
Hall of Fame