Cisco ASA 5505 Configuration Manual page 736

Licensing Requirements for Digital Certificates
Storage for Local CA Files
The adaptive security appliance accesses and implements user information, issued certificates, and
revocation lists using a local CA database. This database resides in local flash memory by default, or can
be configured to reside on an external file system that is mounted and accessible to the adaptive security
appliance.
No limits exist on the number of users that can be stored in the local CA user database; however, if flash
memory storage issues arise, syslogs are generated to alert the administrator to take action, and the local
CA could be disabled until the storage issues are resolved. Flash memory can store a database with 3500
users or less; however, a database of more than 3500 users requires external storage.
Licensing Requirements for Digital Certificates
The following table shows the licensing requirements for this feature:
Model License Requirement
All models Base License.
Guidelines and Limitations
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context mode.
Firewall Mode Guidelines
Supported in routed and transparent mode.
Failover Guidelines
Does not support replicating sessions in Stateful Failover.
IPv6 Guidelines
Supports IPv6.
Additional Guidelines
For adaptive security appliances that are configured as CA servers or clients, limit the validity period of
the certificate to less than the recommended end date of 03:14:08 UTC, January 19, 2038. This guideline
also applies to imported certificates from third-party vendors.
Cisco ASA 5500 Series Configuration Guide using ASDM
35-8
Chapter 35 Configuring Digital Certificates
OL-20339-01