Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
833
Views
0
Helpful
0
Replies

ASA SSL Certificate renewal for Anyconnect - attributes

Bert S
Level 1
Level 1

‎07-03-2017 03:34 PM - edited ‎02-21-2020 09:21 PM

Hello,

l have a bunch of SSL certificates to renew for some ASA firewalls we use throughout the globe.

At the moment, the certificates used are "domain validated" but we would like to replace these with "organisation validated" certificates.  The FQDN of our VPNs will remain the same.

For the existing certs, I believe we essentially had to just specify the Common Name (CN) field when generating the CSR and applying for the cert from the CA.

Now, I think I need to specify the CN, OU, O, L, S and C attributes.   If we have VPNs in different countries but belonging to same company, am I right in thinking that the only field that would change is the CN (i.e. the other fields relate to the company itself - so if we have a company registered in the US, then the C=US even if the VPN gateway that the certificate will be installed in is actually located in Asia Pacific region?)

Also, is there any impact in changing from a domain validated SSL certificate to an organisation validated certificate when we renew the certificate on the ASA firewalls?  Or can this be done seamlessly?  (As mentioned, the FQDN and therefore the CN will be the same between old and new certs so I'm anticipating this should be straightforward)

If anyone with more experience can advise and let me know about any potentical gotchas that would be appreciated.  Thanks  in advance!

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents