Hi,
My organization runs an Entrust CA... I don't have any control of it... I currently do have a working certificate in this CA that I use for other authentication purposes. This CA doesn't support SCEP - everything has to be done manually (its a policy I have no control on).
I have successfully manually enrolled my ASA5510 into this CA... And I am able to receive the CRL updates from this ASA. As most of the intended VPN connections to my ASA will be done by me and others who have existing certs like me in this established CA, I'd like to use my existing cert with my ASA and not have to enroll everyone again...
Question I have is - do I have to manually enrol my VPN client into the CA for an additional certificate or can I some how import my current entrust certificate or can I just point to a group policy that will go to my CA to authentiate me? And how do I import this already enrolled Entrust certificate into the VPN client?
Thanks in advance, Chris