Cisco ASA Series Cli Configuration Manual page 961

Chapter 1 Configuring Digital Certificates
Customizing the Local CA Server
To configure a customized local CA server, perform the following commands:
Command
Step 1
crypto ca server
Example:
hostname (config)# crypto ca server
Step 2
issuer-name DN-string
Example:
hostname (config-ca-server)# issuer-name
cn=xx5520,cn=30.132.0.25,ou=DevTest,ou=QA,o=ASC
Systems
Step 3
smtp subject subject-line
Example:
hostname (config-ca-server) # smtp subject Priority
E-Mail: Enclosed Confidential Information is
Required for Enrollment
Step 4
smtp from-address e-mail_address
Example:
hostname (config-ca-server) # smtp from-address
SecurityAdmin@example.com
Step 5
subject-name-default dn
Example:
hostname (config-ca-server) # subject-name default
cn=engineer, o=ASC Systems, c=US
Configuring Digital Certificates
Purpose
Enters local ca server configuration mode. Allows
you to configure and manage a local CA.
Specifies parameters that do not have default values.
Customizes the text that appears in the subject field
of all e-mail messages sent from the local CA server
Specifies the e-mail address that is to be used as the
From: field of all e-mail messages that are generated
by the local CA server.
Specifies an optional subject-name DN to be
appended to a username on issued certificates. The
default subject-name DN becomes part of the
username in all user certificates issued by the local
CA server.
The allowed DN attribute keywords are as follows:
•
C = Country
•
CN = Common Name
•
EA = E-mail Address
•
L = Locality
•
O = Organization Name
•
OU = Organization Unit
•
ST = State/Province
•
SN = Surname
•
ST = State/Province
Note
If you do not specify a subject-name-default
to serve as a standard subject-name default,
you must specify a DN each time that you
add a user.
Cisco ASA Series CLI Configuration Guide
1-25