Use ASDM to configure an HTTPS certificate to encrypt AnyConnect connections

1. If no certificate is used, a prompt appears every time you connect to the VPN.

ASA Version: 8.4.(1)

ASDM Version: 6.4.(7)

Commands

On the ASA, you can use several show commands on the command line to verify the status of the certificate.

  • The show crypto ca certificates command is used to view information about your certificates, CA certificates, and all Registration Authority (RA) certificates.
  • The command show crypto ca trustpoints is used to verify the trustpoint configuration.
  • The command show crypto key mypubkey rsa is used to display the ASA RSA public key.
  • The command show crypto ca crls is used to display all cached CRLs.

2. Operation method:

1. Open the ASDM application and click the Configuration button.

  1. Click the Properties button from the menu on the left.

  2. Click Device Setup > Device Name from the navigation pane.

  3. Enter the host name and domain name of the ASA. Click Apply.

  4. When prompted, click Save > Yes.

2. Configure the ASA with the correct date, time, and time zone. This is important for the device's certificate generation process. If possible, use an NTP server.

  1. Click Device Setup > System Time > Clock from the navigation pane.

  2. In the Clock window, use the various fields and drop-down arrows to set the correct date, time, and time zone.

3. Cisco ASA must have its own key pair (private key and public key). The public key will be sent to the CA.

  1. Click through to create a Key Pair, and select Size 2048.

    1. Select the radio button next to the blank field in the Name area, and then type the name of the key.

    2. Click the Size: arrow next to the drop-down box to select the size of the key or accept the default.

    3. Select the General Purpose radio button under Usage.

    4. Click the Generate Now button to generate the key and return to the Key Pair window, where you can view the key pair information.

4. Configure the Microsoft CA to be trusted. Click Trustpoint > Configuration from the navigation pane.

  1. Click the Add button from the Configuration window.

5. Application certificate configuration

(To be corrected, if you encounter similar problems that require the import of certificates, please discuss with me, E-mail: [email protected])
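
Steps 1 to 4 of the operation method can also be done from the ASA command line. The following is an added example, not part of the original post; the host name, domain, NTP server address, clock values, key pair name (vpn-key) and trustpoint name (ms-ca) are placeholder assumptions to replace with your own values.

```cisco
! Added example: CLI equivalent of ASDM steps 1-4. All names, addresses
! and times below are constructed placeholders.

! Step 2 (only when no NTP server is available): set the clock by hand.
clock set 12:00:00 1 Jan 2024

configure terminal

! Step 1: host name and domain name. Together they form the FQDN that
! clients will compare against the certificate.
hostname asa-example
domain-name example.com

! Step 2: time zone and NTP. A wrong clock makes a valid certificate
! look expired or not yet valid.
clock timezone UTC 0
ntp server 192.0.2.10

! Step 3: general-purpose RSA key pair, 2048 bits.
crypto key generate rsa label vpn-key modulus 2048

! Step 4: trustpoint for the Microsoft CA, using manual (paste-in)
! enrollment and the key pair created above.
crypto ca trustpoint ms-ca
 enrollment terminal
 fqdn asa-example.example.com
 subject-name CN=asa-example.example.com
 keypair vpn-key
 exit

! Install the CA certificate: the ASA prompts for the base64 text,
! then shows its fingerprint. Compare that fingerprint with the CA
! through a separate channel before accepting it.
crypto ca authenticate ms-ca

end

! Verification, using the show commands listed earlier on this page.
show clock
show crypto key mypubkey rsa
show crypto ca trustpoints
show crypto ca certificates
```

The CN in subject-name should match the name VPN users type into AnyConnect; a mismatch produces a name warning on the client even when the certificate is otherwise trusted.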

Origin www.cnblogs.com/HarryChis/p/12716036.html