EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #739 background imageLoading...
Page #739 background image
35-11
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 35 Configuring Digital Certificates
Configuring CA Certificate Authentication
Showing CA Certificate Details
To show detailed information about the selected CA certificate, click Show Details to display the
Certificate Details dialog box, which includes the following three display-only tabs:
The General tab displays the values for type, serial number, status, usage, public key type, CRL
distribution point, the times within which the certificate is valid, and associated trustpoints. The
values apply to both available and pending status.
The Issued to tab displays the X.500 fields of the subject DN or certificate owner and their values.
The values apply only to available status.
The Issued by tab displays the X.500 fields of the entity granting the certificate. The values apply
only to available status.
Requesting a CRL
To update the current version of the CRL, click Request CRL. CRL updates provide the current status
of certificate users. If the request fails, an error message appears. The CRL is updated and regenerated
automatically until it expires; clicking Request CRL forces an immediate CRL file update and
regeneration.
Configuring CA Certificates for Revocation
To configure CA certificates for revocation, perform the following steps:
Step 1 In the Configuration Options for CA Certificates pane, click the Revocation Check tab.
Step 2 To disable revocation checking of certificates, click the Do not check certificates for revocation radio
button.
Step 3 To select one or more revocation checking methods (CRL or OCSP), click the Check certificates for
revocation radio button.
Step 4 In the Revocation Methods area, available methods appear on the left. Click Add to move a method to
the right and make it available. Click Move Up or Move Down to change the method order.
The methods you choose are implemented in the order in which you add them. If a method returns an
error, the next revocation checking method activates.
Step 5 Check the Consider certificate valid if revocation checking returns errors check box to ignore
revocation checking errors during certificate validation.
Step 6 Click OK to close the Revocation Check tab. Alternatively, to continue, see the “Configuring CRL
Retrieval Policy” section on page 35-11.
Configuring CRL Retrieval Policy
To configure the CRL retrieval policy, perform the following steps:
Step 1 In the Configuration Options for CA Certificates pane, click the CRL Retrieval Policy tab.

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals