EasyManuals Logo

Cisco ASA Series User Manual

Cisco ASA Series
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #948 background imageLoading...
Page #948 background image
1-12
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Digital Certificates
Configuring Digital Certificates
Step 6
enrollment retry period
Example:
hostname/contexta(config-ca-trustpoint)# enrollment
retry period 5
(Optional) Specifies a retry period in minutes, and
applies only to SCEP enrollment.
Step 7
enrollment retry count
Example:
hostname/contexta(config-ca-trustpoint)# enrollment
retry period 2
(Optional) Specifies a maximum number of
permitted retries, and applies only to SCEP
enrollment.
Step 8
fqdn fqdn
Example:
hostname/contexta(config-ca-trustpoint)# fqdn
example.com
During enrollment, asks the CA to include the
specified fully qualified domain name in the Subject
Alternative Name extension of the certificate.
Step 9
ip-address ip-address
Example:
hostname/contexta(config-ca-trustpoint)# ip-address
10.10.100.1
During enrollment, asks the CA to include the IP
address of the ASA in the certificate.
Step 10
keypair name
Example:
hostname/contexta(config-ca-trustpoint)# keypair
exchange
Specifies the key pair whose public key is to be
certified.
Step 11
match certificate map-name override ocsp
Example:
hostname/contexta(config-ca-trustpoint)# match
certificate examplemap override ocsp
Configures OCSP URL overrides and trustpoints to
use for validating OCSP responder certificates.
Step 12
ocsp disable-nonce
Example:
hostname/contexta(config-ca-trustpoint)# ocsp
disable-nonce
Disables the nonce extension on an OCSP request.
The nonce extension cryptographically binds
requests with responses to avoid replay attacks.
Step 13
ocsp url
Example:
hostname/contexta(config-ca-trustpoint)# ocsp url
Configures an OCSP server for the ASA to use to
check all certificates associated with a trustpoint
rather than the server specified in the AIA extension
of the client certificate.
Step 14
password string
Example:
hostname/contexta(config-ca-trustpoint)# password
mypassword
Specifies a challenge phrase that is registered with
the CA during enrollment. The CA usually uses this
phrase to authenticate a subsequent revocation
request.
Command Purpose

Table of Contents

Other manuals for Cisco ASA Series

Preview: Configuration Guide
Configuration Guide428 pages
Preview: Mount And Connect
Mount And Connect12 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA Series and is the answer not in the manual?

Cisco ASA Series Specifications

General IconGeneral
ModelASA 5505
InterfacesVaries by model (Fast Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, etc.)
High AvailabilityActive/Standby or Active/Active (varies by model)
Power SupplyVaries by model
Form FactorVaries by model
Operating SystemCisco ASA Software
IPsec VPNSupported
SSL VPNSupported
IPS ThroughputVaries by model

Related product manuals