Hello together,
we've the problem, that the tunnel communication between ASA 5585-x Firepower modul and FMC is broken, because a certificate is expired. The tunnel certificate is valid till the year 2026. But the self signed CA-Certificate is expired:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha1WithRSAEncryption
Issuer: title=InternalCA, OU=Intrusion Management System, CN=0fdaa31a-0a80-11e5-9396-8729bd1128ad, O=Sourcefire, Inc.
Validity
Not Before: Jun 12 21:41:01 2014 GMT
Not After : Jun 9 21:41:01 2024 GMT
Subject: title=InternalCA, OU=Intrusion Management System, CN=0fdaa31a-0a80-11e5-9396-8729bd1128ad, O=Sourcefire, Inc.
Yes, I know, the ASA 5585-x is meanwhile without service, so I don't have TAC-support. But the new firewall aren't ready to work yet. So the old one must stay alive till migration.
Does anybody know a solution to renew the CA-Certificate via cli (without FMC)?
Thanks in advance
hopeful
Uwe