Skip navigation
Cisco Learning Home > Certifications > Routing & Switching (CCNP) > Discussions

_Communities

This Question is Not Answered 1 Correct Answer available (4 pts) 2 Helpful Answers available (2 pts)
351 Views 0 Replies Latest reply: Oct 22, 2012 11:24 AM by Twitch RSS

Currently Being Moderated

ASA CA Certificate Request Question

Oct 22, 2012 11:24 AM

Twitch 31 posts since
Dec 20, 2011

Hello all. Question - will generating a certificate request on a Cisco ASA 5510 remove an existing self-signed certificate? I generated a certificate request on Friday (via an ASDM connection) in order to request a certificate from a Certificate Authority for PCI Compliance, and earlier this morning (Monday) the VPN connections configured on the ASA went down. Reloading the router (which, if my understanding is correct, generates a self-signed certificate) resolved the problem, and the VPNs came back up.

 

I cannot find any documentation that says generating a certificate request will remove existing certificates (ie: self-signed). Is this the case? It almost seems like the ASA waited a certain amount of time before disabling the old certificate since there was a delay between the cert request and the failure of the VPNs. This would make sense since it takes a few days for the CA to generate the certificate.

 

Any clarity would be greatly appreciated! New territory for me.

 

Thanks.

 

Twitch

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)