Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Digital Certificates
Configuring Digital Certificates
Step 6
enrollment retry period
Example:
hostname/contexta(config-ca-trustpoint)# enrollment retry period 5
(Optional) Specifies a retry period in minutes, and applies only to SCEP enrollment.
Step 7
enrollment retry count
Example:
hostname/contexta(config-ca-trustpoint)# enrollment retry count 2
(Optional) Specifies a maximum number of permitted retries, and applies only to SCEP enrollment.
Step 8
fqdn fqdn
Example:
hostname/contexta(config-ca-trustpoint)# fqdn example.com
During enrollment, asks the CA to include the specified fully qualified domain name in the Subject Alternative Name extension of the certificate.
Step 9
ip-address ip-address
Example:
hostname/contexta(config-ca-trustpoint)# ip-address 10.10.100.1
During enrollment, asks the CA to include the IP address of the ASA in the certificate.
Step 10
keypair name
Example:
hostname/contexta(config-ca-trustpoint)# keypair exchange
Specifies the key pair whose public key is to be certified.
Step 11
match certificate map-name override ocsp
Example:
hostname/contexta(config-ca-trustpoint)# match certificate examplemap override ocsp
Configures OCSP URL overrides and trustpoints to use for validating OCSP responder certificates.
Step 12
ocsp disable-nonce
Example:
hostname/contexta(config-ca-trustpoint)# ocsp disable-nonce
Disables the nonce extension on an OCSP request. The nonce extension cryptographically binds requests with responses to avoid replay attacks.
Step 13
ocsp url
Example:
hostname/contexta(config-ca-trustpoint)# ocsp url
Configures an OCSP server for the ASA to use to check all certificates associated with a trustpoint rather than the server specified in the AIA extension of the client certificate.
Step 14
password string
Example:
hostname/contexta(config-ca-trustpoint)# password mypassword
Specifies a challenge phrase that is registered with the CA during enrollment. The CA usually uses this phrase to authenticate a subsequent revocation request.
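Added example (not part of the Cisco guide): a Python review of the trustpoint settings from Steps 6, 7, 12 and 13, run over a constructed running-config excerpt. The trustpoint names, the URLs, and the use of "enrollment url" and "enrollment terminal" to identify the enrollment method are assumptions not taken from the steps above.

```python
import re

# Constructed running-config excerpt; trustpoint names and URLs are made up.
# Assumption: "enrollment url" (SCEP) and "enrollment terminal" (manual) mark the
# enrollment method; those two commands are not shown in the steps above.
SAMPLE_CONFIG = """\
crypto ca trustpoint TP-VPN
 enrollment url http://ca.example.com/scep
 enrollment retry period 5
 enrollment retry count 2
 fqdn example.com
 ocsp disable-nonce
crypto ca trustpoint TP-MANUAL
 enrollment terminal
 enrollment retry count 2
 ocsp url http://ocsp.example.com
!
"""

def parse_trustpoints(config):
    """Map each trustpoint name to the list of its subcommands."""
    trustpoints, current = {}, None
    for line in config.splitlines():
        header = re.match(r"crypto ca trustpoint (\S+)", line)
        if header:
            current = trustpoints.setdefault(header.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any other top-level line closes the block
    return trustpoints

def audit(trustpoints):
    """Return sorted (trustpoint, finding) pairs for settings to review."""
    findings = []
    for name, cmds in trustpoints.items():
        if "ocsp disable-nonce" in cmds:
            findings.append((name, "OCSP nonce disabled: responses not bound to requests"))
        if any(c.startswith("ocsp url ") for c in cmds):
            findings.append((name, "ocsp url overrides the AIA responder"))
        scep = any(c.startswith("enrollment url ") for c in cmds)
        if not scep and any(c.startswith("enrollment retry ") for c in cmds):
            findings.append((name, "enrollment retry applies only to SCEP"))
    return sorted(findings)

if __name__ == "__main__":
    for name, finding in audit(parse_trustpoints(SAMPLE_CONFIG)):
        print(f"{name}: {finding}")
```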