Solved

Help installing wildcard cert onto Cisco ASA

Posted on 2013-11-13
3
2,183 Views
Last Modified: 2014-01-11
Hi guys,

Can someone help me with installing a wildcard cert onto my ASA.

I already have the cert (created on Windows) with the private and public keys, and the CA certs.

I have created a trustpoint for the CA and installed the CA cert. I've converted the cert using OpenSSL to PCKS12. I am getting problems importing the identity cert.

The commands I have tried entering and output are as follows.

crypto ca import <trustpoint> pkcs12 ****

Enter the base 64 encoded pkcs12.
End with the word "quit" on a line by itself:
-----BEGIN PKCS12-----
<snip>
-----END PKCS12-----
quit
ERROR: Import PKCS12 operation failed

crypto ca import <trustpoint> pkcs12 ****

Enter the base 64 encoded pkcs12.
End with the word "quit" on a line by itself:
<snip>
quit
ERROR: Import PKCS12 operation failed

<snip> is the text output from OpenSSL.

Thanks.
0
Comment
Question by:InteraX
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 28

Expert Comment

by:asavener
ID: 39644524
Try using a unix-compatible text editor such as Notepad++ or Programer's File Editor.  Open the cert with one of those, and then copy/paste it into your config.
0
 
LVL 16

Accepted Solution

by:
InteraX earned 0 total points
ID: 39644544
I only use notepad++. It's very strange. I've managed to import the pfx using ASDM, but as I'm using Cisco Security Manager to manage our firewalls (we have over 30) this doesn't really help me very much.
0
 
LVL 16

Author Closing Comment

by:InteraX
ID: 39773100
Was unable to import cert from the command line. Had to import it via the GUI.
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question