Solved

Can't install 3rd Party SSL into Cisco ASA 5505

Posted on 2014-11-11
3
1,172 Views
Last Modified: 2014-11-19
Hello all

I have a Cisco ASA 5505 , running ASA Version 8.3(1), and ASDM version 6.3(1)

I cannot install a 3rd party (GoDaddy/Starfield tech) SSL certificate for the life of me.

Generating the CSR from the ASA itself I get "Failed to parse or verify imported certificate" even though the starfield specific root and intermediate certificates seem to install fine.

Someone in the Cisco support forums suggested generating the CSR from a windows computer, installing the cert on windows computer, and then exporting out to PKCS12 (.pfx), then importing into ASA afterward.

I'm met with Error Import PKCS12 operation failed.
0
Comment
Question by:Tom-J-Lael
  • 2
3 Comments
 
LVL 5

Expert Comment

by:Darkstriker69
ID: 40436195
Your best bet is to create the certificate request on the ASA. Here are some straightforward instructions for using the ASDM to create a certificate request. You will want to be sure to change the CN value to your match your DNS record.

https://www.digicert.com/csr-creation-cisco-asa-vpn.htm
0
 
LVL 3

Accepted Solution

by:
Tom-J-Lael earned 0 total points
ID: 40443267
Darkstriker69

Thanks for that info. I did see that before. Originally I did generate CSR from ASA itself, but had some much trouble I was willing to entertain generating it from elsewhere.

My problem was two fold

1. Needed to be SHA-1 , and not SHA-2. My best guess is because of the old ASA code ( 8.3.1)

2.  Secondly, the SSL I bought was for 3 years, but the Intermediate cert and root cert I guess are only good for 2.
0
 
LVL 3

Author Closing Comment

by:Tom-J-Lael
ID: 40451918
Because no one else presented a solution that worked. The one person who replied sent a link to KB article I had already seen and tried.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question