ASA 8.2 - SSL Wildcard Certificate Installation

rcoote5902_2 · ‎04-13-2010

Hello,

I'm in the process of setting up SSL VPN on our ASA 5520 running 8.2 and would like to use our Thawte-issued wildcard certificate, however while I've been able to install it as a CA Certificate - I'm unable to use this as a trustpoint for the SSL VPN. I've tried installing the cert as an Identity Certificate however I only seem to be able to generate a new CSR which I shouldn't have to do with a wildcard cert from what I understand.

Can anyone provide some insight on what I need to do to get this wildcard cert installed?

Thanks,

Rob

Jennifer Halim · ‎04-13-2010

1) Crypto trustpoint for that wildcard certificate should have "fqdn none" configured.

2) Then you would need to import both certificate and the key-pair to the ASA if you didn't generate the CSR from this ASA. The format should be PKCS12 (you would need to use OpenSSL to combine the certificate and key-pair in PKCS12 format prior to importing it to ASA):

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/c5.html#wp2187289

Hope that helps.

ihernandez81 · ‎10-09-2012

rcoote5902, did you ever get an answer to this? I'm at the same point right now on an asa..did you use openssl to generate your CSR...did you get some steps on this...

rcoote5902_2 · ‎10-09-2012

Hello,

No this was never resolved. We're also in the process of migrating to a different firewall vendor.

Thanks,

Rob