Cisco Systems ASA 5525-X Network Router User Manual


  Open as PDF
of 2086
 
44-21
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 44 Configuring Digital Certificates
Configuring Code Signer Certificates
Step 8 In the Add Identity Certificate dialog box, click Add Certificate.
The Identity Certificate Request dialog box appears.
Step 9 Enter the CSR file name of type, text, such as c:\verisign-csr.txt, and then click OK.
Step 10 Send the CSR text file to the CA. Alternatively, you can paste the text file into the CSR enrollment page
on the CA website.
Step 11 When the CA returns the Identity Certificate to you, go to the Identity Certificates pane, select the
pending certificate entry, and click Install.
The Install Identity Certificate dialog box appears.
Step 12 Choose one of the following options by clicking the applicable radio button:
Install from a file.
Alternatively, click Browse to search for the file.
Paste the certificate data in base-64 format.
Paste the copied certificate data into the area provided.
Step 13 Click Install Certificate.
Step 14 Click Apply to save the newly installed certificate with the ASA configuration.
What to Do Next
See the “Configuring Code Signer Certificates” section on page 44-21.
Configuring Code Signer Certificates
Code signing appends a digital signature to the actual executable code. This digital signature provides
enough information to authenticate the signer, and ensure that the code has not been modified after being
signed.
Code signer certificates are special certificates whose associated private keys are used to create digital
signatures. The certificates used to sign code are obtained from a CA, in which the signed code reveals
the certificate origin. You can import code signer certificates on the Code Signer pane, or choose
Configuration > Remote Access VPN > Clientless SSL VPN Access > Advanced > Java Code Signer.
In the Code Signer pane, you can perform the following tasks:
Display details of a code signer certificate.
Delete an existing code signer certificate.
Import an existing code signer certificate.
Export an existing code signer certificate.
Enroll for a code signer certificate with Entrust.
This section includes the following topics:
Showing Code Signer Certificate Details, page 44-22
Deleting a Code Signer Certificate, page 44-22
Importing a Code Signer Certificate, page 44-22
Exporting a Code Signer Certificate, page 44-22