cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1049
Views
5
Helpful
2
Replies

Using a UCC certificate for FTD AnyConnect

MauryJ
Level 1
Level 1

Hello all,

 

I have a few questions on setting up a certificate for use on FTD 6.2.3 for AnyConnect connections.

I am familiar with the process of using openssl to generate CSRs and such for other devices and servers.   With the FTD, though, I wasn't sure if it was capable of using a certificate with multiple subject alternative names (GoDaddy UCC)?  And if so, does it matter what the common name on the certificate is set to?    Our ASA 5516X has a different internal hostname than the hostname that clients connect to from the internet, so, I was considering getting a UCC cert that had both hostnames in the certificate as SANs, along with SANs for another device.

Thanks 

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

Yes you can use a UCC (or even a wildcard) for your FTD device.

 

It's not so particular about the CN you have configured on the certificate. As long as either the CN or a Subject Alternative Name (SAN) matches what the VPN clients use for the gateway, it will work fine.

View solution in original post

2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame

Yes you can use a UCC (or even a wildcard) for your FTD device.

 

It's not so particular about the CN you have configured on the certificate. As long as either the CN or a Subject Alternative Name (SAN) matches what the VPN clients use for the gateway, it will work fine.

That's great, thank you for your help Marvin!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: