Solved

Cisco ASA-5520 Certificate Problem

Posted on 2011-02-14
5
2,458 Views
Last Modified: 2012-05-11
Hello experts,
I am trying to install a certificate from godaddy.com on a Cisco ASA-5520
I have peformed the following steps:
1. Obtained & installed the CA root certificate from godaddy (worked fine)
2. Generated the CSR (using the same TrustPoint under which I installed the root cert
3. When I attempt to install the certificate, I get the following error  
Has anyone run accross this before?  

Thanks in advance

 ASDM Error Msg
0
Comment
Question by:SpokaneISD
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 34892650
you have to generate certificate request first on cisco firewall - the copy paste it to CA website or service - Ca should send you signed certificate - this signed cert you copy to your firewall - and then it gates validated or not.

Jan ICt Technician, CCNA
0
 

Author Comment

by:SpokaneISD
ID: 34892901
I have done all that.
I generated a CSR on the ASA-5520
I then use a wild card cert from godaddy.com. This cert covers one domain and any number of subdomains (*.mydomain.org).  I could find references to others using the godaddy wild card cert on an ASA with no problems.

Any other ideas?
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 34894690
update roms of you asa and try again. If not make sure you have reverse dns and dns pointing to appliance fqdn and ip addreses (lan and wan). this should work
0
 

Accepted Solution

by:
SpokaneISD earned 0 total points
ID: 34900631
OK, I figured it out.  Here are the steps that worked:

Download my wildcard cert (*.mydomain.org) from godaddy.com
From ASDM, navigate to Configuration> Device Management> Certificate Management> CA Certificates
Install the gd_bundle.crt that was in the download cert from godaddy
From an IIS server that was already using this certificate, I did the following:
Launched the MMC
File/add remove snap-in
add certificates snap-in
exported the *.mydomain.com cert to a .PFX file (contains both private & public keys)
From ASDM, navigate to Configuration> Device Management> Certificate Management> Identity Certificates
Import the .pfx file you exported
0
 

Author Closing Comment

by:SpokaneISD
ID: 34936458
I figured out the problem myself.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses
Course of the Month8 days, 17 hours left to enroll

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question