06-05-2014 07:37 AM - edited 02-21-2020 07:40 PM
Hi Everyone,
I have created CSR for anyconnect IkeV2.
When i ask the cert vendor what should i ask them that which type of cert i needed for IkeV2?
We do not want users to use ssl like https://xyz.com and connect and download the client.
We want users machine pre installed with anyconnect and profile and connect using IkeV2.
Regards
Mahesh
Solved! Go to Solution.
06-05-2014 08:28 AM
Every certificate vendor has their own way of listing choices. Many include Cisco among their choices. i.e.:
http://www.instantssl.com/ssl-certificate-support/csr_generation/ssl-certificate-index.html
Generally speaking a standard server certificate suffices as we're not doing much fancy with it - just verifying identity. The CN in the CSR should match the FQDN in that case..
06-05-2014 12:35 PM
Did you bind the new certificate to your outside interface?
06-05-2014 08:28 AM
Every certificate vendor has their own way of listing choices. Many include Cisco among their choices. i.e.:
http://www.instantssl.com/ssl-certificate-support/csr_generation/ssl-certificate-index.html
Generally speaking a standard server certificate suffices as we're not doing much fancy with it - just verifying identity. The CN in the CSR should match the FQDN in that case..
06-05-2014 10:30 AM
Hi Marvin,
I got cert from Entrust.
it has 3 options server cert,root cert and chain cert.
i installed the server cert on the ASA and now status of cert has changed from pending.
When i connect to anyconnect ikev2 it still gives me cert warning line non trusted cert.Do i need to do any config change in anyconnect ikev2?
Regards
Mahesh
06-05-2014 12:35 PM
Did you bind the new certificate to your outside interface?
06-05-2014 12:58 PM
Hi Marvin,
I did that and now i do not see message saying that you are connecting to untrusted
certificate.
Many thanks
Mahesh
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide