sslsd-logo

Cisco ASA 5510 – SSL Installation

Like the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created.

Your private key will always be left on the server system where the CSR was originally created. Your SSL certificate will not work without this private key file. We will assume that this is the original system.

To install your SSL certificate on Cisco ASA 5010 perform the following.

Step 1: Downloading your SSL Certificate & its Intermediate CA certificate:

  1. If you had the option of server type during enrollment and selected Other you will receive a x509/.cer/.crt/.pem version of your certificate within the email. Alternately you can access your Certificate User Portal by the supplied link in the email to pick up the x509 version of your certificate.
  2. Copy the SSL certificate and make sure to copy the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– header and footer Ensure there are no white spaces, extra line breaks or additional characters.
  3. Use a plain text editor such as Notepad, paste the content of the certificate and save it with extension .txt
  4. If your intermediate CA certificate for your product is not in the body of the email you can access your Intermediate CA also in a link within that email. Copy and paste the contents of your Intermediate CA into its own Notepad file and save it with a .txt extension also.
    Note: Some CAs may require two intermediates for best compatibility. These two are to be copied within their own corresponding .crt files and installed one at a time in a repeated process for intermediate installation.

Step 2: Install the Intermediate CA Certificate:

  1. Within ASDM, click Configuration > Device Management.
  2. Click Certificate Management > CA Certificates.Cisco 5500 Series
  3. Click Add.Cisco 5500 Series
  4. Click Browse and specify the location and path of the Intermediate CA certificate you downloaded in Step 1.
    Note: Alternately if you open your downloaded intermediate you can copy and paste the Intermediate CA certificate (intermediate_ca.txt) into the text field. Make sure to include the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– header and footer.
  5. Click Install Certificate.Cisco 5500 SeriesA dialog box appears that confirms the installation was successful.

Step 3: Installing your SSL certificate:

  1. Click Configuration > Device Management.
  2. Click Certificate Management > Identity Certificates.
  3. Select the identity certificate you created from CSR creation (The Expiry Date should display Pending)
  4. Click Install.
  5. Specify the location and path of your SSL certificate file.
    Note: Alternately if you open your downloaded intermediate you can copy and paste the Intermediate CA certificate (SSLcert.txt) into the text field. Make sure to include the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– header and footer
  6. Click Install Certificate.Cisco 5500 Series
    A dialog box appears that confirms the installation was successful.

Step 4: Configuring system to use new SSL certificate:

  1. Click Configuration > Device Management.
  2. Expand Advanced, and then expand SSL Settings.Cisco 5500 Series
  3. Under Certificates, select the interface that is used to terminate WebVPN sessions
  4. Click Edit.
  5. In the Certificate drop-down list, choose the certificate that you just installed
  6. Click OK.Cisco 5500 Series
  7. Click Apply.Your new certificate should now be activated for use with your ASA.

If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports Cisco ASA.

Cisco Support:

For more information refer to Cisco

Recent Posts

S/MIME for Outlook O365 Windows

Add to Favorites S/MIME Advantages of S/MIME Certificates S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates offer several advantages when it comes to securing email communications. Here

Read More »

Abbreviations

Add to Favorites There are literally thousands of IT abbreviations out there. Many are concerned with the technical aspects of the computer, while others deal

Read More »

SSL Installation on Qmail

Add to Favorites SSL Installation on Qmail Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts.

Read More »