06-26-2014 08:19 AM - edited 02-21-2020 07:42 PM
I need to use 2012 to send out the certificates for the clients. Are there any Docs on setting this up specifically for 2012? Everything I found so far is for 2003-8.
06-26-2014 09:49 AM
Hi,
Is this what you are looking for?
http://www.iis.net/learn/get-started/whats-new-in-iis-8/iis-80-centralized-ssl-certificate-support-ssl-scalability-and-manageability
http://blogs.msdn.com/b/kaushal/archive/2012/10/11/central-certificate-store-ccs-with-iis-8-windows-server-2012.aspx
Regards
Karthik
06-26-2014 10:57 AM
These are what I have found. The first one is the overview, and I have several deployments where the ASA is the Certificate Server; however, I have a request to make the Certificate Server their AD, which is 2012. I can find all kinds of docs on using 2003-8 for this purpose, but the only one related to 2012 is the bottom link, and I am having issues getting the OCSP working based on that doc. Some critical information was missing on the user used for the services on the Microsoft papers, so not at all surprised that I still can't get it to work.
http://www.cisco.com/c/dam/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/guide_c07-717020.pdf
http://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/116720-config-asa-ocsp-00.html#anc9
On this doc, under "CA Configuration for OCSP Template", step one shows a group or username, but nowhere in the doc does it specify the shown user being set up.
06-26-2014 02:03 PM
Some further information. In a nutshell, instead of having to add every user to the ASA to issue a certificate for their AnyConnect Mobile, they want to use Active Directory.
http://www.cisco.com/c/en/us/support/docs/ip/lightweight-directory-access-protocol-ldap/116096-configure-anyconnect-openldap-00.html#anc13
I am not finding anything on how to configure the ASA and Windows server to be able to do this.
Can it be done?
06-26-2014 02:11 PM
Found this, might be on the right trail now, but hate going through all of this to find out it won't work.
http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/Unified_Access_Book/UA_Security.html#wp1253798