cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1827
Views
0
Helpful
1
Replies
Highlighted
Beginner

REMOVE A SELF SIGNED CERTIFICATE

Hi All,

 

We have just finished testing a new configuration on an ASA 5510 for Any Connect. During testing we used a self signed certificate but now want to install a full certificate from a CA. The question is what is the best way to remove the old self generated certificate so we don't get any conflicts when installing the new certificate?

 

We are looking at Go Daddy for the SSL cert, anyone have any other recommendations ?

 

Thanks,

 

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Mentor

  1. The certificate (or more accurate: the trustpoint) is assigned to the interface. If you configure a new trustpoint for your new certificate and assign that trustpoint to your outside interface, then nothing will conflict. If you want you can still use your self-signed certificate for the inside interface. But of course you can also delete it.
  2. There are so many CAs that you can choose from. Some customers of me use Entrust, others Thawte. I got mine from StartSSL. It's your choice. It's more about cost and reputation.

View solution in original post

1 REPLY 1
Highlighted
VIP Mentor

  1. The certificate (or more accurate: the trustpoint) is assigned to the interface. If you configure a new trustpoint for your new certificate and assign that trustpoint to your outside interface, then nothing will conflict. If you want you can still use your self-signed certificate for the inside interface. But of course you can also delete it.
  2. There are so many CAs that you can choose from. Some customers of me use Entrust, others Thawte. I got mine from StartSSL. It's your choice. It's more about cost and reputation.

View solution in original post