05-13-2022 04:38 AM
in Cisco ASA all VPN users accessing FW and servers using Cisco any connect with a specific URL
I have changed URL which is recorded in Goddady,
but once I connect the message shows certificate untrust ,
there are some CA certificate in ASA for old URL
How can I solve this issue , how I can I add certicate to trust new URL
Solved! Go to Solution.
05-17-2022 05:03 PM
were you able to manage get the identity cert and upload on the firewall. if you using a cert from another make sure the certificate is in pkcs12 format with private key.
05-13-2022 05:12 AM
@mautez_mah the FQDN of vpn.tamam.life does not match the name on the certificate, hence the error. You should change the FQDN of the ASA you connec to, to match the name on the certificate.
05-13-2022 05:23 AM
Thanks but could you please guide me on where can I change it , or add new one
I opened the Identity certificate on ASDM and try to add a new one But there is Value like CN , OU , I don't know what should I add here
can you guide me plz
05-13-2022 05:29 AM
@mautez_mah the current certificate is a wildcard from a completely different domain. You can either change your public DNS record from the current DNS entry vpn.tamam.life to vpn.skyband.com.sa
Or create a new certificate for vpn.tamam.life, guide here https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/107956-renew-ssl.html
05-17-2022 05:03 PM
were you able to manage get the identity cert and upload on the firewall. if you using a cert from another make sure the certificate is in pkcs12 format with private key.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide