04-26-2018 05:26 AM - edited 03-12-2019 05:14 AM
Hello all,
I have a few questions on setting up a certificate for use on FTD 6.2.3 for AnyConnect connections.
I am familiar with the process of using openssl to generate CSRs and such for other devices and servers. With the FTD, though, I wasn't sure if it was capable of using a certificate with multiple subject alternative names (GoDaddy UCC)? And if so, does it matter what the common name on the certificate is set to? Our ASA 5516X has a different internal hostname than the hostname that clients connect to from the internet, so, I was considering getting a UCC cert that had both hostnames in the certificate as SANs, along with SANs for another device.
Thanks
Solved! Go to Solution.
04-26-2018 06:32 AM
Yes you can use a UCC (or even a wildcard) for your FTD device.
It's not so particular about the CN you have configured on the certificate. As long as either the CN or a Subject Alternative Name (SAN) matches what the VPN clients use for the gateway, it will work fine.
04-26-2018 06:32 AM
Yes you can use a UCC (or even a wildcard) for your FTD device.
It's not so particular about the CN you have configured on the certificate. As long as either the CN or a Subject Alternative Name (SAN) matches what the VPN clients use for the gateway, it will work fine.
04-26-2018 06:49 AM
That's great, thank you for your help Marvin!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: