12-17-2012 06:33 PM
Hi Guys,
We currently setup an Active/Standby ASA Firewall and with SSL VPN enabled. We found that the Certificate does not sync to standby unit. However, I manually import the CA certificate into Standby unit and somehow it will dissapear after sometime.
I understand that we need to do some Export and Import CA Certificates on ASA to make both have identical setting.
I tried the following command:-
crypto ca export trustpoint
hostname(config)# crypto ca export Main
crypto ca import trustpoint pkcs12
hostname(config)# crypto ca import Main pkcs12
But failed to export out the cert, I understand that it is only for ID cert and not CA cert?
The question is how can I sync both unit to have same identical certificate TrustPoint number?