Skip navigation
Login   |   Register
Cisco Learning Home > Certifications > Routing & Switching (CCNP) > Discussions


This Question is Not Answered 1 Correct Answer available (4 pts) 2 Helpful Answers available (2 pts)
506 Views 0 Replies Latest reply: Oct 22, 2012 11:24 AM by Twitch RSS

Currently Being Moderated

ASA CA Certificate Request Question

Oct 22, 2012 11:24 AM

Twitch 31 posts since
Dec 20, 2011

Hello all. Question - will generating a certificate request on a Cisco ASA 5510 remove an existing self-signed certificate? I generated a certificate request on Friday (via an ASDM connection) in order to request a certificate from a Certificate Authority for PCI Compliance, and earlier this morning (Monday) the VPN connections configured on the ASA went down. Reloading the router (which, if my understanding is correct, generates a self-signed certificate) resolved the problem, and the VPNs came back up.


I cannot find any documentation that says generating a certificate request will remove existing certificates (ie: self-signed). Is this the case? It almost seems like the ASA waited a certain amount of time before disabling the old certificate since there was a delay between the cert request and the failure of the VPNs. This would make sense since it takes a few days for the CA to generate the certificate.


Any clarity would be greatly appreciated! New territory for me.






More Like This

  • Retrieving data ...

Bookmarked By (0)