Certificate authentication from self-signed Cisco CA
Posted on 2008-10-29
I am using webVPN on a Cisco ASA5510 running 8.0(4) to allow access to several web servers on the private side.
I am authenticating users through Active Directory, which works fine.
I want to use a second (additional) authentication method of requiring an issued certificate on the client. This will basically screen who can try to authenticate to my AD (no issued cert, no username/password prompt). I have generated a self-signed certificate on the ASA, set it up to require a certificate for authentication, but I cannot find anything that tells me how to export a paired certificate from the ASA to import onto the clients.
Summarized, how do I use a certificate as additional user authentication using webVPN on a Cisco ASA5510? I'm worried about authenticating specific users only, not the utility of the session encryption (which I can get using a generic certificate).
Have searched high and low both here and on Cisco... with no luck. Hope someone can help! Thanks.