Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2639
Views
0
Helpful
2
Replies

Installing certificate on ASA 5015 for VPN

operations1997
Level 1
Level 1

‎08-17-2020 08:07 AM

Hi there,

 

We have a (wildcard) domain certificate for our business, I am hoping we would be able to use this also on our Firewall for VPN.

 

Would someone be able to point me in the right direction as to how this can be done?

 

 I have tried adding our .crt file however I get an error "Error: Certificate doesn't have the Basic Constraints CA flag set"

 

Am I doing this right? 

Should this certificate work?

 

Stephen

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎08-17-2020 08:46 AM

Yes ASA do support wildcard certificate as long as FQDN matches.

 

here is the guide and steps : ( read step by step) - may some small step missing i guess here. - have never seen that error.

 

https://www.cisco.com/c/en/us/support/docs/security-vpn/public-key-infrastructure-pki/200339-Configure-ASA-SSL-Digital-Certificate-I.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

operations1997
Level 1
Level 1
In response to balaji.bandi

‎08-18-2020 02:29 AM

Hi BB,

 

Thank you for the quick reply.  I have been reading through this guide.

 

One possible complication I haven't seen a solution for on there is that we already have the certificate produced from a CSR generated from a different server.

 

Does the process work when you haven't generated the CSR from the ASDM?

 

Stephen

0 Helpful
Customers Also Viewed These Support Documents