Filter
Top Products
33-3
Cisco ASDM User Guide
OL-16647-01
Chapter 33 Configuring Certificates
CA Certificate Authentication
Add/Install a CA Certificate
The CA Certificate panel lets you add a new certificate configuration from an existing file, by manually
pasting a certificate, or by automatic enrollment. Click the appropriate option to activate one of the
following:
• Install from a File:—To add a certificate configuration from an existing file, enter the path and file
name, then click Install Certificate. You can type the pathname of the file in the box or you can
click Browse and search for the file. Browse displays the Load CA certificate file dialog box that
lets you navigate to the file containing the certificate.
• Paste certificate in PEM format:—For manual enrollment, copy and paste the PEM format
certificate (base64 or hexadecimal format) into the panel, then click Install Certificate.
• Use SCEP:—For automatic enrollment, the security appliance contacts the CA using Simple
Certificate Enrollment Protocol (SCEP) protocol, obtains the certificates, and installs them on the
device. (SCEP). SCEP is a secure messaging protocol that requires minimal user intervention. SCEP
lets you to enroll and install certificates using only the VPN Concentrator Manager. To use SCEP,
you must enroll with a CA that supports SCEP, and you must enroll via the Internet.
SCEP automatic enrollment requires completion of the following fields:
–
SCEP URL: HTTP:// Enter the path and file name of the certificate to be automatically
installed.