ASA 5505 Local Certificate Authority - Page Error

MARTINSKW · ‎06-29-2013

Hello!

I have set up a Local Certificate Authortiy Server on my ASA. All went fine till the point when I want to login with a browser to create a user certificate.

It seems that the internal webserver from the ASA does not find the login page (HTTP Error 404) (logon.html):

Does anyone have any ideas what this problem could be?

Michael Muenz · ‎06-29-2013

Why don't you enroll via ASDM?

Michael

Please rate all helpful posts

Michael Please rate all helpful posts

MARTINSKW · ‎06-29-2013

how can I?

johnlloyd_13 · ‎06-29-2013

hi,

are you using a PKI system (SCEP) or an ASA self-signed cert?

anyways, both could be found in ASDM:

Configuration > Device Management > Certificate Management > Identity Certificates

rkumar5 · ‎07-01-2013

Hi Martin,

As I correctly understand you have made the ASA as local Certificate authority and you are trying to get the client certificate from the Local CA which is ASA.

The Local CA maintains its own user database of SSL VPN users.

Console:

crypto ca server user-db add  email  dn

ASDM:

Configuration > Remote Access VPN > Certificate Management > Local Certificate Authority > Manage User Database

The Local CA only supports user enrollment through it's enrollment interface at the following url. Enrollments can only be done on interfaces where webvpn is enabled.

https:///+CSCOCA+/enroll.html

HTH

Regards

Raj Kumar

Please rate all helpful posts

MARTINSKW · ‎07-01-2013

Hi all!

thanks for your help. With your tips and a litte experementing I could solve the problem. The CA Server is now sccesable with the web browser. The Problem was with the ports and interfaces.

-Martin