Solved: Certificate issue

louis0001 · ‎08-04-2015

Hi,

we are trying to import a certificate that has been exported from an IIS server.

The certificate is a wildcard certificate (.pfx) that works as I have managed to install this on another IIS server and an ASA.

I'm struggling to get it into one of our ASA 5510's and everytime I try to install it, it just comes back with a "pkcs12 import" failed error which doesn't give me much clue as to what the error is.

The trustpoints increase each time and if I look at the trustpoints i can see that each file starts with the following:

WARNING: Temporary self-signed certificate is being generated to export the keypair since an associated ID certificate is not available.

Firstly, I'd like to delete all of these trustpoints as they are now up as trustpoint 20 (started at trustpoint 6) and then I'd like to try and find out why the certificate won't import on 2 of our 5510's?

Anybody any idea?

Thanks

louis

Marvin Rhoads · ‎08-04-2015

If you're importing a certificate that was issued to another server, you need to have both the certificate and server private key in PEM format.

This article is pretty old but still valid step-by-step.

View solution in original post

Marvin Rhoads · ‎08-04-2015

If you're importing a certificate that was issued to another server, you need to have both the certificate and server private key in PEM format.

This article is pretty old but still valid step-by-step.

louis0001 · ‎08-05-2015

I tried that but for some reason nothing took. in the end, I ended up creating a CSR on the ASA and getting a 3 year cert.

This took straight away so problem solved. Thanks for you assistance.