01-11-2011 04:13 PM - edited 02-21-2020 05:04 PM
Folks,
I have a query about authenticating users with digital certs and username/password.
My SSL VPN is working OK, but I only have a single user so far.
My query is about how to handle additional users and certificates.
I'm going to add the users into the ASA for local authentication, but it's the certificates I'm not sure about.
Can I use the same account in the local certificate user dbase, i.e. sslconnect, and just generate a new OTP for each user I add to create the certificate, or should I create a new account in the LCA user dbase for each user account I create in AAA?
Hope this isn't too confusing.
Thanks to anyone taking the time to reply or to read this.
Greatly appreciated.
01-11-2011 04:26 PM
If you are authenticating using a certificate, then you would need to issue each user a different certificate for him/herself. The certificate will be a unique certificate for each user. I would recommend that you have the username as the certificate CN instead of a common "sslconnect" as the CN, so you can distinguish different users.
Hope that answers your question.
01-11-2011 04:35 PM
Jennifer,
Many thanks for the prompt response, it's greatly appreciated.
I think what you suggest is what I need to do, so I'll test it out ASAP.
Thanks again.