Using Certicates from multipe certficate authority on Cisco SSLM

Hi All,

 We are using around 50  Verisign Certificates installed  in the Cisco SSLM module .  We plan to have a new contract with another vendor Global Sign here onwards. I would like to know if it possible to use more than one Vendors( Verisign, Global Sign )  certificate chains installed in the same module. Our plan is that old certificates from Verisign will be functioning as it is and new certificates will be issued by  Global Sign and will be installed in the same module,  When Old cerificates expires the same wil be removed and will be newly created from Global Sign and will be installed
 
SSLM#sh version
Cisco IOS Software, SVCSSL Software (SVCSSL-K9Y9-M), Version 12.3(8)IA  RELEASE SOFTWARE \nCopyright (c) 1986-2008 by Cisco Systems, Inc.
 
ROM: System Bootstrap, Version 12.2(11)YS1 RELEASE SOFTWARE
abhishek-kishoreAsked:
Who is Participating?
 
ParanormasticConnect With a Mentor Cryptographic EngineerCommented:
Yes, you can just put in each CA cert in their certificate chain seperately as a new trustpoint.

ssl-proxy(config)#crypto ca authenticate yoursite

refer to https://www.cisco.com/application/pdf/paws/63456/sslm-csr.pdf for more info.
0
All Courses

From novice to tech pro — start learning today.