Cisco Systems ASA 5580 Network Router User Manual


Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 44 Configuring Digital Certificates
Authenticating Using the Local CA
C (Country)
OU (Organization Unit)
EA (E-mail Address)
ST (State/Province)
T (Title)
Step 16 Enter the number of hours for which an enrolled user can retrieve a PKCS12 enrollment file to enroll
and retrieve a user certificate. The enrollment period is independent of the OTP expiration period. The
default is 24 hours.
Note Certificate enrollment for the local CA is supported only for clientless SSL VPN connections.
For this type of connection, communication between the client and the ASA takes place through a web
browser that uses standard HTML.
Step 17 Enter the length of time that a one-time password e-mailed to an enrolling user is valid. The default is
72 hours.
Step 18 Enter the number of days before expiration reminders are e-mailed to users. The default is 14 days.
Step 19 Click Apply to save the new or modified CA certificate configuration. Alternatively, click Reset to
remove any changes and return to the original settings.
Deleting the Local CA Server
To remove the local CA server from the ASA, perform the following steps:
Step 1 Choose Configuration > Remote Access VPN > Certificate Management > Local Certificate
Authority > CA Server.
Step 2 In the CA Server pane, click Delete Certificate Authority Server.
The Delete Certificate Authority dialog box appears.
Step 3 To delete the CA server, click OK. To retain the CA server, click Cancel.
Note After you delete the local CA server, it cannot be restored or recovered. To recreate the deleted
CA server configuration, you must reenter all of the CA server configuration information.