Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1869
Views
0
Helpful
1
Replies

Require Client Certificate to Access ASDM on the Following Interfaces

mlenco
Level 1
Level 1

‎02-13-2015 07:56 AM - edited ‎03-11-2019 10:29 PM

Hello

 

I have an ASA 5585 with an outside interface with two subnets. The mgmt interface is the secondary interface. I have a certificate linked to the outside interface's primary ip address. When I ASDM to the ASA I get a dialog box telling me the cert is self signed. Do I need to get a second cert or can I do something else on the ASA that will allow the existing cert on the ASA to work with ASDM on the ASA?

 

I.e. Configuration/Management Access/ASDM/HTTPS/Telent/SSH/Require Client Certificate to Access ASDM on the Following Interfaces

 

Thanks!

 

Matt

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-13-2015 09:17 AM

You can bind the identity certificate to multiple interfaces. Whether it is self-signed or from a third party trusted root CA it will work either way.

You may get some warnings from ASA if the FQDN or IP address you are connecting to does not match the certificate but clicking through that will allow you to manage the appliance.

Client certificates are a totally separate issue. That's typically only used when you have a PKI and are using the certificates issued to a client as a form of authentication and/or authorization.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card