Filter
Top Products
33-18
Cisco ASDM User Guide
OL-16647-01
Chapter 33 Configuring Certificates
Code-Signer Certificates
Step 7 In the Advanced Options panel, verify that the FQDN: field is the correct FQDN of the security
appliance and click OK to close the window.
Step 8 In the Add Identity Certificate panel, click the Add Certificate at the bottom.
Step 9 When prompted to enter a name for the CSR, specify an easily-accessible file name of type text, such as
c:\verisign-csr.txt.
Step 10 Send the CSR text file to the CA. Alternatively, you can paste the text file into the CSR enrollment page
on the CA’s web site.
To install an Identity Certificate:
Step 1 When the CA returns the Identity Certificate to you, return to the Identity Certificates panel, select the
pending certificate entry, and click the now active Install button.
Step 2 To assign the newly installed certificate for use with SSL VPN, navigate to the SSL Settings panel by
SSL Settings hot link in the text under the list of certificates.
Step 3 In the SSL Settings panel, double-click the interface to be assigned to the certificate. the Edit SSL
Certificate panel opens.
Step 4 In the Edit SSL Certificate panel, select the certificate from the Certificate: pull-down list and click
OK. Note that the selected Identity Certificate displays in the ID Certificate field to the right of the
selected Interface field.
Step 5 Be sure to click the Apply button at the bottom of the SSL Settings panel to save the newly-installed
certificate with the ASA configuration.
Code-Signer Certificates
Code signing appends a digital signature to the executable code itself. This digital signature provides
enough information to authenticate the signer as well as to ensure that the code has not been
subsequently modified since signed.
Code-signer certificates are special certificates whose associated private keys are used to create digital
signatures. The certificates used to sign code are obtained from a CA, with the signed code itself
revealing the certificate origin. You can import code-signer certificates with the Import button on this
panel or you can select the Java Code Signer panel, Configuration > Remote Access VPN > Clientless
SSL VPN Access > Advanced > Java Code Signer.
The Code-signer Certificate Authentication panel allows you to:
• Display details of an Identity Certificate. See Show Code-Signer Certificate Details.
• Delete an existing Identity Certificate. See Delete a Code-Signer Certificate.
Export an existing Identity Certificate. See Import or Export a Code-Signer Certificate.