Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Digital Certificates
Configuring Digital Certificates
Configuring Trustpoints
To configure a trustpoint, perform the following steps:
Step 1
Command: crypto ca trustpoint trustpoint-name
Example:
hostname/contexta(config)# crypto ca trustpoint Main
Purpose: Creates a trustpoint that corresponds to the CA from which the ASA needs to receive a certificate. Enters the crypto ca trustpoint configuration mode, which controls CA-specific trustpoint parameters that you may configure starting in Step 3.
Note: When you try to connect, a warning indicates that the trustpoint does not contain an ID certificate when an attempt is made to retrieve the ID certificate from the trustpoint.

Step 2
Choose one of the following options:

Command: enrollment url url
Example:
hostname/contexta(config-ca-trustpoint)# enrollment url http://10.29.67.142:80/certsrv/mscep/mscep.dll
Purpose: Requests automatic enrollment using SCEP with the specified trustpoint and configures the enrollment URL.

Command: enrollment terminal
Example:
hostname/contexta(config-ca-trustpoint)# enrollment terminal
Purpose: Requests manual enrollment with the specified trustpoint by pasting the certificate received from the CA into the terminal.

Step 3
Command (one of):
revocation-check crl none
revocation-check crl
revocation-check none
Example:
hostname/contexta(config-ca-trustpoint)# revocation-check crl none
hostname/contexta(config-ca-trustpoint)# revocation-check crl
hostname/contexta(config-ca-trustpoint)# revocation-check none
Purpose: Specifies the available CRL configuration options.
Note: To enable either required or optional CRL checking, make sure that you configure the trustpoint for CRL management after obtaining certificates.

Step 4
Command: crl configure
Example:
hostname/contexta(config-ca-trustpoint)# crl configure
Purpose: Enters crl configuration mode.

Step 5
Command: email address
Example:
hostname/contexta(config-ca-trustpoint)# email example.com
Purpose: During enrollment, asks the CA to include the specified e-mail address in the Subject Alternative Name extension of the certificate.
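
The following is an added example, not taken from the Cisco guide: a Python check that reads trustpoint stanzas in the form entered in Steps 1 through 3 and reports which trustpoints do not enforce required CRL checking. The sample configuration is constructed; the trustpoint names Branch, Lab and Spare, the function names, and the choice to flag a trustpoint with no revocation-check line are assumptions.

```python
import re

# Constructed sample in running-config layout. "Main" and its enrollment URL are
# the page's example values; the other trustpoint names are invented.
SAMPLE_CONFIG = """\
crypto ca trustpoint Main
 enrollment url http://10.29.67.142:80/certsrv/mscep/mscep.dll
 revocation-check crl none
 crl configure
crypto ca trustpoint Branch
 enrollment terminal
 revocation-check crl
crypto ca trustpoint Lab
 enrollment terminal
 revocation-check none
crypto ca trustpoint Spare
 enrollment terminal
"""

# Ordered method list after "revocation-check" -> resulting behaviour.
MODES = {
    ("crl",): "required",         # no fallback: the CRL must be retrievable
    ("crl", "none"): "optional",  # CRL tried first, certificate accepted if unavailable
    ("none",): "disabled",        # no revocation checking
}

def parse_trustpoints(config):
    """Return {name: {"enrollment": method, "revocation": mode}} per trustpoint."""
    trustpoints, current = {}, None
    for line in config.splitlines():
        header = re.match(r"^crypto ca trustpoint (\S+)\s*$", line)
        if header:
            current = trustpoints.setdefault(
                header.group(1), {"enrollment": None, "revocation": "unset"})
        elif current is not None and line.startswith(" ") and line.strip():
            words = line.split()
            if words[0] == "enrollment" and len(words) > 1:
                current["enrollment"] = words[1]  # "url" or "terminal"
            elif words[0] == "revocation-check":
                current["revocation"] = MODES.get(tuple(words[1:]), "unknown")
        else:
            current = None  # left the trustpoint stanza
    return trustpoints

def weak_revocation(config):
    """Trustpoints where a revoked certificate could still be accepted."""
    # Assumption: a trustpoint with no revocation-check line is flagged as well.
    return sorted(name for name, tp in parse_trustpoints(config).items()
                  if tp["revocation"] != "required")
```

On the constructed sample, only Branch passes; Main is reported because `revocation-check crl none` falls back to accepting the certificate when the CRL cannot be retrieved.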