Cisco ASA5510 invalid security certificate for SSL VPN

I bought and configured a certificate from Thawte but am getting invalid certificate error in the browser. The ASA previously had a self-signed certificate which I did not delete at the time. I've just zeroiz
ed it but still getting the invalid cert error. Any ideas on how to resolve?
Thanks for any help.
cavacamiteAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

cavacamiteAuthor Commented:
Here is the error. Thanks.

Secure Connection Failed
vpn.sslname.com uses an invalid security certificate.
The certificate is not trusted because it is self signed.
The certificate is only valid for sslvpn.previousselfsigned.net
(Error code: sec_error_untrusted_issuer)
    * This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.

    * If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.

          Or you can add an exception&
0
cavacamiteAuthor Commented:
Can I remove the certificate 'no crypto ca trustpoint <trustpoint-name>' then re-authenticate and re-install the same certificate or will the "no" command require me to re-create a CSR and pay for another certificate?
Thanks.
0
cavacamiteAuthor Commented:
Ok... I reloaded the ASA and now get the error below. Any ideas anyone? Thanks.

Secure Connection Failed

An error occurred during a connection to vpn.sslvpn.com.
Cannot communicate securely with peer: no common encryption algorithm(s).

(Error code: ssl_error_no_cypher_overlap)
The page you are trying to view can not be shown because the authenticity of the received data could not be verified.

    * Please contact the web site owners to inform them of this problem.
0
cavacamiteAuthor Commented:
Issue was resolved by removing the certificate, changing the hostname of the ASA to match the host name for the trustpoint/certificate, then re-creating the certificate.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ModEErfCommented:
Text in http:#a22999709 modified as requested.

ModEErf
Experts Exchange Moderator

http://www.experts-exchange.com/Q_24804647.html
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.