Re: I lost my identitiy certificate

SubnetWarrior · ‎07-27-2020

So my boss told me to generate csr to renew the vpn certificatte renew date.

I never do that (generate the csr) and eventually i succed to generate the csr. And send it to my boss. My boss certificate the csr and return it to me to inject it to my asa.

The problem is in identitiy certification menu, i dont see any pending identity. What i know is in pending identity we install the certificate. But i don't see any pending identitiy.

What i learn from documentation is we install certificate to CSR identitiy that we create before (marked with pending) :

Any help please?

Karsten Iwen · ‎07-28-2020

What are you seeing instead?

SubnetWarrior · ‎07-28-2020

I see 3 other identitiy with their issued by symantect, verisign, and digicert.
When the certified CSR/SSL arrive from my CA, can i just create a new identitiy certificate and install that SSL to my new identity certificate?
What i read is that when we generate CSR, we automaticaly create identity certificate with pending value. But in my asa, i don't see any identitiy certificate with pending value.

Karsten Iwen · ‎07-28-2020

no, you can not just create a new one. After creating it in the ASA, you need to provide the generated "Certificate Signing Request" to the CA and they have to issue a new certificate that you import. Do not reload the ASA between this two steps.