06-09-2015 02:42 AM
Hi
I want to get rid of the untrusted certificate warning messages for my VPN (anyconnect) users.
I have my cert file, private key file and intermediate cert (CA) file in .pem format.
I have a Cisco ASA 5505.
Can anyone point me to a guide or tell me what I need to do with the files? I'm not sure as I've never done much with certificates before and ASA's aren't really my thing either.
Thanks
06-09-2015 04:20 AM
You can follow this example:
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/98596-asa-8-x-3rdpartyvendorcert.html
or most of providers of certificates do have their own instruction pages. Vide:
https://www.digicert.com/ssl-certificate-installation-cisco-asa-5500.htm
https://support.globalsign.com/customer/portal/articles/1228167-install-certificate---cisco-asa-5500
06-09-2015 06:25 AM
Yeah, I've gone through them and no matter what permutation of cert file I go for, it comes back and says "certificate does not contain devices general purpose public key". I've tried the cert file on it's own, but also with the private key and also with the private key and CA cert as well.
I've tried pasting in from the pem file and also as a .cer file. Always comes back with the same thing.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide