Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3008
Views
0
Helpful
1
Replies

Install SSL Certificate onto ASA with CSM

hpretori
Cisco Employee
Cisco Employee

‎08-24-2011 07:12 PM - edited ‎02-21-2020 04:26 AM

I have installed a CA signed certificate onto an ASA with ASDM

the exact and full procedure is documented here

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809fcf91.shtml

the problem is that I need to do this via CSM and not ASDM. I dont know how to do it via CSM and when you do it via ASDM, the next time that you submit and deploy to the ASA via CSM it removes the binding of the certificate to the management interface.

How is this procedure performed via CSM?

if the commands below are not supported by CSM, then how to do it with the Flexconfig?

ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1   

ssl trust-point TrustPoint0 interfacename

any assistance grreatly appreciated.

regards

henk

3 people had this problem
0 Helpful
1 Reply 1

hpretori
Cisco Employee
Cisco Employee

‎12-11-2011 04:34 PM

Here is the answer to the above issue:

The certificate has been applied via ASDM. Hence it is out of band change for us. These changes seem to have been overwritten by us and so device presents us with the Old certificate during the final fetch.
We need to do a rediscovery before proceeding with deployment in such cases to avoid these errors.

Please check whether the delta generated has the cli for ssl trust-point . If so , we need to do a rediscovery prior to deploying.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card