Cisco Systems ASA 5500 Network Router User Manual

Open as PDF

of 1994

41-11

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 41 Configuring Digital Certificates

Configuring Digital Certificates

enrollment url url

Example:

hostname/contexta(config-ca-trustpoint)# enrollment

url http://10.29.67.142:80/certsrv/mscep/mscep.dll

Requests automatic enrollment using SCEP with the

specified trustpoint and configures the enrollment

URL.

enrollment terminal

Example:

hostname/contexta(config-ca-trustpoint)# enrollment

terminal

Requests manual enrollment with the specified

trustpoint by pasting the certificate received from the

CA into the terminal.

Step 3

revocation-check crl none

revocation-check crl

revocation-check none

Example:

hostname/contexta(config-ca-trustpoint)#

revocation-check crl none

hostname/contexta(config-ca-trustpoint)#

revocation-check crl

hostname/contexta(config-ca-trustpoint)#

revocation-check none

Specifies the available CRL configuration options.

Note To enable either required or optional CRL

checking, make sure that you configure the

trustpoint for CRL management after

obtaining certificates.

Step 4

crl configure

Example:

hostname/contexta(config-ca-trustpoint)# crl

configure

Enters crl configuration mode.

Step 5

email address

Example:

hostname/contexta(config-ca-trustpoint)# email

example.com

During enrollment, asks the CA to include the

specified e-mail address in the Subject Alternative

Name extension of the certificate.

Step 6

enrollment retry period

Example:

hostname/contexta(config-ca-trustpoint)# enrollment

retry period 5

(Optional) Specifies a retry period in minutes, and

applies only to SCEP enrollment.

Step 7

enrollment retry count

Example:

hostname/contexta(config-ca-trustpoint)# enrollment

retry period 2

(Optional) Specifies a maximum number of

permitted retries, and applies only to SCEP

enrollment.

Step 8

fqdn fqdn

Example:

hostname/contexta(config-ca-trustpoint)# fqdn

example.com

During enrollment, asks the CA to include the

specified fully qualified domain name in the Subject

Alternative Name extension of the certificate.

Command Purpose

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems ASA 5500 Network Router User Manual