Can you enable the following debugs while importing the certificate.
debug crypto ca mess 255
debug crypto ca trans 255
and also please let me know what is the signature algorithm being used in the certificate.
Is it, SHA1,SHA2 or MD5.
The Hosts in the VLAN 158 are directed connected to the switch, that is the reason ASA inside ip address is able to ping hosts on 10.193.0.0/16 subnet.
They are not going through Juniper device.
But anything else that will use the next-hop for routin...
I Just went through the config and was able to see a route-map applied to the vlan 193.
interface Vlan193 ip address 10.193.255.250 255.255.0.0 standby 6 ip 10.193.255.254 standby 6 preempt ip policy route-map SMMPH_RMAP!route-map SMMPH_RMAP permit 1...
Can you try to give a specific route for the VPN pool and try to see if it worked after that or not, from the traceroute i am able to see that it is not sending the traffic to ASA's interface 10.158.2.6, its sending it over to 10.160.1.3.