Cisco Systems ASA 5585-X Network Router User Manual


Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 44 Configuring Digital Certificates
Authenticating Using the Local CA
Step 3 In the Certificate Format area, click the PKCS12 format radio button to use the public key
cryptography standard format, which can be base64 encoded or in hexadecimal format. Otherwise, click
the PEM format radio button.
Step 4 Click Browse to display the Export ID Certificate File dialog box, then find the file to which you
want to export the certificate configuration.
Step 5 Select the file and click Export ID Certificate File.
The selected certificate file appears in the Export Certificate dialog box.
Step 6 Enter the passphrase used to decrypt the PKCS12 format file for export.
Step 7 Confirm the decryption passphrase.
Step 8 Click Export Certificate to export the certificate configuration.
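Because Step 3 allows a PKCS12 export to be base64 encoded or in hexadecimal format, a tool that expects a binary PKCS12 file may reject the exported file as written. The following added example (not from the Cisco guide) detects the encoding and returns the binary form for inspection; the armor-line pattern, function names, and sample bytes are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# Armor lines such as "-----BEGIN PKCS12-----" (assumed form; adjust to your file).
ARMOR = re.compile(rb"^-----(BEGIN|END) [A-Z0-9 ]+-----\s*$", re.M)
# Constructed stand-in bytes with a PFX-style header; not a real keystore.
SAMPLE_DER = bytes.fromhex("300b0201033006060100040100")


def looks_like_pfx(der: bytes) -> bool:
    """True if der starts like a PKCS#12 PFX: SEQUENCE { INTEGER 3, ... }."""
    if len(der) < 5 or der[0] != 0x30:
        return False
    first_len = der[1]
    # Short-form length is one byte; long form is 0x80 | count of length bytes.
    header = 2 if first_len < 0x80 else 2 + (first_len & 0x7F)
    return der[header:header + 3] == b"\x02\x01\x03"


def normalize_pkcs12(raw: bytes) -> tuple[bytes, str]:
    """Return (binary data, detected encoding) for an exported PKCS12 file."""
    if looks_like_pfx(raw):
        return raw, "binary"
    body = b"".join(ARMOR.sub(b"", raw).split())  # drop armor and whitespace
    candidates = []
    # Try hex first: every hex digit is also a valid base64 character.
    if re.fullmatch(rb"[0-9A-Fa-f]+", body) and len(body) % 2 == 0:
        candidates.append(("hex", binascii.unhexlify))
    candidates.append(("base64", lambda b: base64.b64decode(b, validate=True)))
    for name, decode in candidates:
        try:
            der = decode(body)
        except (binascii.Error, ValueError):
            continue
        if looks_like_pfx(der):
            return der, name
    raise ValueError("not a recognizable PKCS12 export")


if __name__ == "__main__":
    armored = (b"-----BEGIN PKCS12-----\n" + base64.encodebytes(SAMPLE_DER)
               + b"-----END PKCS12-----\n")
    der, encoding = normalize_pkcs12(armored)
    print(encoding, len(der), "bytes")
```

The function only checks the outer header; decrypting the contents still requires the passphrase entered in Step 6.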
What to Do Next
See the “Authenticating Using the Local CA” section.
Authenticating Using the Local CA
The local CA provides a secure, configurable in-house authority that resides on the ASA for certificate
authentication to use with browser-based and client-based SSL VPN connections.
Users enroll by logging in to a specified website. The local CA integrates basic certificate authority
operations on the ASA, deploys certificates, and provides secure revocation checking of issued
certificates.
The local CA lets you perform the following tasks:
Configure the local CA server.
Revoke and unrevoke local CA certificates.
Update CRLs.
Add, edit, and delete local CA users.
This section includes the following topics:
Configuring the Local CA Server
Deleting the Local CA Server
Configuring the Local CA Server
To configure a local CA server on the ASA, perform the following steps:
Step 1 Choose Configuration > Remote Access VPN > Certificate Management > Local Certificate
Authority > CA Server.
Step 2 To activate the local CA server, check the Enable Certificate Authority Server check box. The default
setting is disabled (unchecked). After you enable the local CA server, the ASA generates the local CA
server certificate, key pair, and necessary database files, then archives the local CA server certificate and
key pair in a PKCS12 file.