08-20-2012 02:35 AM - edited 02-21-2020 06:16 PM
Hopefully someone can give me a quick answer to my query, we currently have a remote access asa setup using Anyconnect with self signed certificate, and several users in the certificate database as we are using radius and certificate for authentication.
I want to purchase and obtain a trusted CA signed certificate (such as Verisign) and replace the current self signed cert.
My question is will I have to reset the current CA server of the ASA and replace the certificate user database? ie start from scratch.
Solved! Go to Solution.
08-20-2012 03:36 AM
No, you don't have to start from scratch. It's quite common to have the ASA-identity-cert from a public CA, but the user-certs are from a private CA. With your change you achieve exactly this scenario.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
08-20-2012 03:36 AM
No, you don't have to start from scratch. It's quite common to have the ASA-identity-cert from a public CA, but the user-certs are from a private CA. With your change you achieve exactly this scenario.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
08-20-2012 03:44 AM
Thanks that makes sense
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide