Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
900
Views
0
Helpful
3
Replies

ASDM Certificate Installation with no CSR shown in ASDM

Go to solution
babylon5
Level 1
Level 1

‎01-19-2011 08:37 AM

My ASA is going to be used as a VPN concentrator. I need to have an ID certificate applied to an interface.

I created the Trustpoint. I generated a CSR. I sent the CSR to our ID Cert provider.

When I went back to the ASA the pending Trustpoint information (under Configuration > Device Management > Certificate Management > Identity Certificates) that would have allowed me to install the certificate is no longer there.

How do I import this valid certificate and associate it with the proper Trustpoint.

Thanks,

Will

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Craig Lorentzen
Cisco Employee
Cisco Employee

‎01-19-2011 09:01 AM

Hello babylon5,

You will want to recreate the trustpoint, using the same information used previously.  The most important thing being that you select the same rsakeypair that you selected/created the first time.  As long as the RSA keypair matches things should be fine.

Then Authenticate the trustpoint with the certificate signer...and finally install your new certificate.

If you do not remember the original RSA key, you should be able to request that they sign another CSR in place of the one you just used so that you can get the proper public key.

-Craig

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Craig Lorentzen
Cisco Employee
Cisco Employee

‎01-19-2011 09:01 AM

Hello babylon5,

You will want to recreate the trustpoint, using the same information used previously.  The most important thing being that you select the same rsakeypair that you selected/created the first time.  As long as the RSA keypair matches things should be fine.

Then Authenticate the trustpoint with the certificate signer...and finally install your new certificate.

If you do not remember the original RSA key, you should be able to request that they sign another CSR in place of the one you just used so that you can get the proper public key.

-Craig

0 Helpful

Go to solution
babylon5
Level 1
Level 1
In response to Craig Lorentzen

‎01-19-2011 09:31 AM

That is what I was afraid of. I have done that before, but I had hoped there was a better way.

Thanks,

Will

0 Helpful

Go to solution
dadasaheb.shaikh2
Level 1
Level 1

‎06-17-2014 05:52 AM

Thank you Craig, It works for me :)

0 Helpful
Customers Also Viewed These Support Documents