Cisco ASA 5505 Configuration Manual page 747

Chapter 35 Configuring Digital Certificates
To complete the enrollment process, click the request a certificate from Entrust link by copying and
Step 7
pasting the CSR provided and submitting it through the Entrust web form, provided at
http://www.entrust.net/cisco/. Alternatively, to enroll at a later time, save the generated CSR to a file,
then click the enroll with Entrust link on the Identity Certificates pane to complete the enrollment
process.
Entrust issues a certificate after verifying the authenticity of your request. which may take several days.
Step 8
You then need to install the certificate by selecting the pending request in the Identity Certificate pane
and clicking Install. Click Close to close the Enroll with Entrust dialog box.
Installing Identity Certificates
The Install button on the Identity Certificates pane is dimmed unless an enrollment is pending. Whenever
the adaptive security appliance receives a CSR, the Identity Certificates pane displays the pending ID
certificate. When you select the pending Identity Certificate, the Install button activates.
When you transmit the pending request to a CA, the CA enrolls it and returns a certificate to the adaptive
security appliance. After you have received the certificate, click Install and highlight the appropriate
identity certificate to complete the operation.
To installing a pending identity certificate, perform the following steps:
Step 1 In the Identity Certificates pane, click Add to display the Add Identity Certificate dialog box.
In the Add Identity Certificate dialog box, click the Add a new identity certificate radio button.
Step 2
(Optional) Change the key pair or create a new key pair. A key pair is required.
Step 3
Enter the Certificate Subject DN information, and then click Select to display the Certificate Subject DN
Step 4
dialog box.
Specify all of the subject DN attributes required by the CA involved, and then click OK to close the
Step 5
Certificate Subject DN dialog box.
In the Add Identity Certificate dialog box, click Advanced to display the Advanced Options dialog box.
Step 6
To continue, see Steps 17 through 23 of the
Step 7
on page
In the Add Identity Certificate dialog box, click Add Certificate.
Step 8
The Identity Certificate Request dialog box appears.
Enter the CSR file name of type, text, such as c:\verisign-csr.txt, and then click OK.
Step 9
Send the CSR text file to the CA. Alternatively, you can paste the text file into the CSR enrollment page
Step 10
on the CA website.
When the CA returns the Identity Certificate to you, go to the Identity Certificates pane, select the
Step 11
pending certificate entry, and click Install.
The Install Identity Certificate dialog box appears.
Choose one of the following options by clicking the applicable radio button:
Step 12
•
•
OL-20339-01
35-14.
Install from a file.
Alternatively, click Browse to search for the file.
Paste the certificate data in base-64 format.
Configuring Identity Certificates Authentication
"Configuring Identity Certificates Authentication" section
Cisco ASA 5500 Series Configuration Guide using ASDM
35-19