How to generate a self signed certificate on ASA using CLI?
First thing we need is an RSA key pair:
crypto key generate rsa label SSL-Key modulus 1024 noconfirm
Create a trust-point
crypto ca trustpoint SSL-trustpoint
subject-name CN=10.197.222.147 ****** This is the IP address of my ASA. You might have an FQDN
keypair SSL-Key **** Call the key pair under trustpoint.
fqdn none
enrollment self **** This is used if you need to generate a self signed certificate.
So,
Here are all the commands at once that you need:
======================================================
crypto key generate rsa label SSL-Key modulus 1024 noconfirm
!
crypto ca trustpoint SSL-trustpoint
subject-name CN=10.197.222.147
keypair SSL-Key
fqdn none
enrollment self
======================================================
crypto key generate rsa label SSL-Key modulus 1024 noconfirm
Create a trust-point
crypto ca trustpoint SSL-trustpoint
subject-name CN=10.197.222.147 ****** This is the IP address of my ASA. You might have an FQDN
keypair SSL-Key **** Call the key pair under trustpoint.
fqdn none
enrollment self **** This is used if you need to generate a self signed certificate.
So,
Here are all the commands at once that you need:
======================================================
crypto key generate rsa label SSL-Key modulus 1024 noconfirm
!
crypto ca trustpoint SSL-trustpoint
subject-name CN=10.197.222.147
keypair SSL-Key
fqdn none
enrollment self
======================================================
0 comments:
Post a Comment