47-24
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 47 Configuring Cisco Intercompany Media Engine Proxy
Configuring Cisco Intercompany Media Engine Proxy
Step 3
hostname(config-ca-trustpoint)# subject-name X.500_name
Example:
hostname(config-ca-trustpoint)# subject-name
cn=Ent-local-domain-name**
Includes the indicated subject DN in the
certificate during enrollment.
Note The domain name that you enter here
must match the domain name that has
been set for the local Cisco UCM.
For information about how to configure
the domain name for Cisco UCM, see the
Cisco Unified Communications
Manager documentation for information.
Step 4
hostname(config-ca-trustpoint)# keypair keyname
Example:
hostname(config-ca-trustpoint)# keypair local-ent-key
Specifies the key pair whose public key is to be
certified.
Step 5
hostname(config-ca-trustpoint)# enroll terminal
Specifies that you will use the “copy and paste”
method of enrollment with this trustpoint (also
known as manual enrollment).
Step 6
hostname(config-ca-trustpoint)# exit
Exits from the CA Trustpoint configuration
mode.
Step 7
hostname(config)# crypto ca enroll trustpoint
Example:
hostname(config)# crypto ca enroll remote-ent
%
% Start certificate enrollment ...
% The subject name in the certificate will be:
% cn=enterpriseA
% The fully-qualified domain name in the certificate will
@ be: ciscoasa
% Include the device serial number in the subject name?
[yes/no]: no
Display Certificate Request to terminal? [yes/no]: yes
Starts the enrollment process with the CA.
Where trustpoint is the same as the value you
entered for trustpoint_name in Step 2.
When the trustpoint is configured for manual
enrollment (enroll terminal command), the
adaptive security appliance writes a
base-64-encoded PKCS10 certification request
to the console and then displays the CLI prompt.
Copy the text from the prompt.
Submit the certificate request to the CA, for
example, by pasting the text displayed at the
prompt into the certificate signing request
enrollment page on the CA website.
When the CA returns the signed identity
certificate, proceed to Step 8 in this procedure.
Step 8
hostname(config)# crypto ca import trustpoint certificate
Example:
hostname(config)# crypto ca import remote-ent certificate
Imports the signed certificate received from the
CA in response to a manual enrollment request.
Where trustpoint specifies the trustpoint you
created in Step 2.
The adaptive security appliance prompts you to
paste the base-64 formatted signed certificate
onto the terminal.
Step 9
hostname(config)# crypto ca authenticate trustpoint
Example:
hostname(config)# crypto ca authenticate remote-ent
Authenticates the third-party identity certificate
received from the CA. The identity certificate is
associated with a trustpoint created for the
remote enterprise.
The adaptive security appliance prompts you to
paste the base-64 formatted identity certificate
from the CA onto the terminal.
Command Purpose
To Next Page
Loading...
Need help?
General
