35-19
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 35 Configuring Digital Certificates
Configuring Identity Certificates Authentication
Step 7 To complete the enrollment process, click the request a certificate from Entrust link by copying and
pasting the CSR provided and submitting it through the Entrust web form, provided at
http://www.entrust.net/cisco/. Alternatively, to enroll at a later time, save the generated CSR to a file,
then click the enroll with Entrust link on the Identity Certificates pane to complete the enrollment
process.
Step 8 Entrust issues a certificate after verifying the authenticity of your request. which may take several days.
You then need to install the certificate by selecting the pending request in the Identity Certificate pane
and clicking Install. Click Close to close the Enroll with Entrust dialog box.
Installing Identity Certificates
The Install button on the Identity Certificates pane is dimmed unless an enrollment is pending. Whenever
the adaptive security appliance receives a CSR, the Identity Certificates pane displays the pending ID
certificate. When you select the pending Identity Certificate, the Install button activates.
When you transmit the pending request to a CA, the CA enrolls it and returns a certificate to the adaptive
security appliance. After you have received the certificate, click Install and highlight the appropriate
identity certificate to complete the operation.
To installing a pending identity certificate, perform the following steps:
Step 1 In the Identity Certificates pane, click Add to display the Add Identity Certificate dialog box.
Step 2 In the Add Identity Certificate dialog box, click the Add a new identity certificate radio button.
Step 3 (Optional) Change the key pair or create a new key pair. A key pair is required.
Step 4 Enter the Certificate Subject DN information, and then click Select to display the Certificate Subject DN
dialog box.
Step 5 Specify all of the subject DN attributes required by the CA involved, and then click OK to close the
Certificate Subject DN dialog box.
Step 6 In the Add Identity Certificate dialog box, click Advanced to display the Advanced Options dialog box.
Step 7 To continue, see Steps 17 through 23 of the “Configuring Identity Certificates Authentication” section
on page 35-14.
Step 8 In the Add Identity Certificate dialog box, click Add Certificate.
The Identity Certificate Request dialog box appears.
Step 9 Enter the CSR file name of type, text, such as c:\verisign-csr.txt, and then click OK.
Step 10 Send the CSR text file to the CA. Alternatively, you can paste the text file into the CSR enrollment page
on the CA website.
Step 11 When the CA returns the Identity Certificate to you, go to the Identity Certificates pane, select the
pending certificate entry, and click Install.
The Install Identity Certificate dialog box appears.
Step 12 Choose one of the following options by clicking the applicable radio button:
• Install from a file.
Alternatively, click Browse to search for the file.
• Paste the certificate data in base-64 format.
To Next Page
Loading...
Need help?
General
