08-01-2022 08:11 AM
Hello
I am about to get an SSL cert for my Firepower 1120 from GoDaddy. Which OS should I do this in, Apache, or which one?
Thanks
Stephen Keating
Solved! Go to Solution.
08-01-2022 08:37 AM
@stephenkeating select the server type as other, as per the example in this guide. https://www.cisco.com/c/en/us/support/docs/security-vpn/public-key-infrastructure-pki/200339-Configure-ASA-SSL-Digital-Certificate-I.html
08-01-2022 08:17 AM
@stephenkeating you can generate the Certificiate Signing Request (CSR) on the FTD itself, then send this CSR to GoDaddy to sign, you then import the identity certificate to the FTD. https://www.cisco.com/c/en/us/support/docs/security-vpn/public-key-infrastructure-pki/215849-certificate-installation-and-renewal-on.html
Or alternatively you could use openssl to generate the CSR. This guide shows you how to use openssl to create a CSR for the FTD. https://integratingit.wordpress.com/2018/11/10/ftd-vpn-with-certificates/
08-01-2022 08:24 AM
Thanks for the information. I have already created the openssl csr, but when I go on the GoDaddy site to generate the SSL, it asks which language or OS to produce it in. The choices are Apache, Microsoft, etc. Which one should I choose for the Firepower 1120?
08-01-2022 08:37 AM
@stephenkeating select the server type as other, as per the example in this guide. https://www.cisco.com/c/en/us/support/docs/security-vpn/public-key-infrastructure-pki/200339-Configure-ASA-SSL-Digital-Certificate-I.html
08-01-2022 10:53 AM
The server type is just used for the provider (CA) to collect analytics information. No matter which type you select you will get the exact same x.509 certificate. For what it's worth, I tick the Apache box if it's required to give them something.
08-01-2022 10:55 AM
Thanks for the information
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide