cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3004
Views
0
Helpful
1
Replies

Install SSL Certificate onto ASA with CSM

hpretori
Cisco Employee
Cisco Employee

I have installed a CA signed certificate onto an ASA with ASDM

the exact and full procedure is documented here

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809fcf91.shtml

the problem is that I need to do this via CSM and not ASDM. I dont know how to do it via CSM and when you do it via ASDM, the next time that you submit and deploy to the ASA via CSM it removes the binding of the certificate to the management interface.

How is this procedure performed via CSM?

if the commands below are not supported by CSM, then how to do it with the Flexconfig?

ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1   

ssl trust-point TrustPoint0 interfacename

any assistance grreatly appreciated.

regards

henk

1 Reply 1

hpretori
Cisco Employee
Cisco Employee

Here is the answer to the above issue:

The certificate has been applied via ASDM. Hence it is out of band change for us. These changes seem to have been overwritten by us and so device presents us with the Old certificate during the final fetch.
We need to do a rediscovery before proceeding with deployment in such cases to avoid these errors.

Please check whether the delta generated has the cli for ssl trust-point . If so , we need to do a rediscovery prior to deploying.

Review Cisco Networking for a $25 gift card