cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
597
Views
0
Helpful
2
Replies

SCEP Anyconnect version 3 MS CA

littledavewhite
Beginner
Beginner

Hi All

Im using anyconnect and SCEP proxy on the ASA, trying to get identity certs from a windows CA. I want the certs to have a common name of the user id of the person requesting, basically to take the username as the common name. Is there a way to take the login name across into the comman name as part of the cert request. In the anyconnect client profile you have the option of enrollment but if i set the Cn her it would use this for everybody ?

I want to use authentication based on certs. So each user requires their own cert based on common name. I presume then i can revoke the cert to prevent authentication ?

Any help would be great.

David

2 REPLIES 2

anosaxen
Beginner
Beginner

David,

Use the following wild card in the XML profile against CN

%USER%

regards

Anoop

Anoop

This is so easy and so brilliant, going to try this and see how we go thanks very much.

David

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: