
PKI _SSL Certificate_ASA Firewalls_Private Key Information

NDP
Level 1

I recently uploaded an SSL certificate (wildcard) issued by DigiCert on an ASA Firewall. I got one SSL certificate, an Intermediate CA and a TrustedRoot certificate.

As far as I know, for an SSL certificate to function, the server (in this case the ASA) needs a private key to decrypt the data sent by the client (my laptop, for example).

But when I uploaded the SSL certificate onto the ASA Firewall, I didn't say any private key except the passphrase while importing it on the ASA.

When the browser hits the "https://ASA IP" address, the browser would be given the SSL certificate, which contains the public key. The browser now encrypts the ciphers information and symmetric key with the public key available in the SSL certificate and sends it back to the ASA FW IP.

How can the ASA Firewall decrypt the message sent by the browser, as I had never entered the private key? Am I missing any point?

Accepted Solutions

It depends. Some CAs allow the CSR generation using their tools. In those cases, the private key is retained for use cases just such as yours - to later distribute along with the certificate.

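One way to check whether a passphrase-protected file of the kind described in this thread carries the private key along with the certificate. This is an added example, not part of the original posts; it assumes the imported file was a PKCS#12 (.p12/.pfx) bundle, which the thread does not state, and the function names, file names, subject name and passphrase are all constructed.

```shell
#!/bin/sh
# Added example. File names, CN and passphrases are constructed for the demo.

# Create a throwaway key, self-signed wildcard cert and passphrase-protected
# PKCS#12 bundle in directory $1 (stand-in for the file a CA tool hands over).
make_demo_bundle() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=*.example.test" \
        -keyout "$1/demo.key" -out "$1/demo.crt" 2>/dev/null
    openssl pkcs12 -export -inkey "$1/demo.key" -in "$1/demo.crt" \
        -passout "pass:$2" -out "$1/demo.p12"
}

# Report what bundle $1 (passphrase $2) carries:
#   unreadable - wrong passphrase or not a PKCS#12 file
#   no-key     - certificates only, nothing the server could decrypt or sign with
#   match      - private key present and it pairs with the bundled certificate
#   mismatch   - private key present but it belongs to a different certificate
bundle_key_status() {
    openssl pkcs12 -in "$1" -passin "pass:$2" -noout >/dev/null 2>&1 \
        || { echo unreadable; return 0; }
    # The decrypted key only travels through a pipe; it is never written to disk.
    key_pub=$(openssl pkcs12 -in "$1" -passin "pass:$2" -nocerts -nodes 2>/dev/null \
        | openssl pkey -pubout 2>/dev/null) || true
    [ -n "$key_pub" ] || { echo no-key; return 0; }
    cert_pub=$(openssl pkcs12 -in "$1" -passin "pass:$2" -nokeys -clcerts 2>/dev/null \
        | openssl x509 -pubkey -noout 2>/dev/null) || true
    if [ "$key_pub" = "$cert_pub" ]; then echo match; else echo mismatch; fi
}

# Demo run on a constructed bundle.
demo_dir=$(mktemp -d)
make_demo_bundle "$demo_dir" 'constructed-passphrase'
echo "demo.p12: $(bundle_key_status "$demo_dir/demo.p12" 'constructed-passphrase')"
rm -rf "$demo_dir"
```

For a real bundle, change `pass:` to `env:` or `file:` in the `-passin` arguments so the passphrase does not appear in the process list.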