Cisco ASA 5505 Configuration Manual page 1030
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Configuring Cisco Intercompany Media Engine Proxy
Command
Step 3
hostname(config-ca-trustpoint)# subject-name X.500_name
Example:
hostname(config-ca-trustpoint)# subject-name
cn=Ent-local-domain-name**
Step 4
hostname(config-ca-trustpoint)# keypair keyname
Example:
hostname(config-ca-trustpoint)# keypair local-ent-key
Step 5
hostname(config-ca-trustpoint)# enroll terminal
Step 6
hostname(config-ca-trustpoint)# exit
Step 7
hostname(config)# crypto ca enroll trustpoint
Example:
hostname(config)# crypto ca enroll remote-ent
%
% Start certificate enrollment ...
% The subject name in the certificate will be:
% cn=enterpriseA
% The fully-qualified domain name in the certificate will
@ be: ciscoasa
% Include the device serial number in the subject name?
[yes/no]: no
Display Certificate Request to terminal? [yes/no]: yes
Step 8
hostname(config)# crypto ca import trustpoint certificate
Example:
hostname(config)# crypto ca import remote-ent certificate
Step 9
hostname(config)# crypto ca authenticate trustpoint
Example:
hostname(config)# crypto ca authenticate remote-ent
Cisco ASA 5500 Series Configuration Guide using ASDM
47-24
Chapter 47
Configuring Cisco Intercompany Media Engine Proxy
Purpose
Includes the indicated subject DN in the
certificate during enrollment.
Note
The domain name that you enter here
must match the domain name that has
been set for the local Cisco UCM.
For information about how to configure
the domain name for Cisco UCM, see the
Cisco Unified Communications
Manager documentation for information.
Specifies the key pair whose public key is to be
certified.
Specifies that you will use the "copy and paste"
method of enrollment with this trustpoint (also
known as manual enrollment).
Exits from the CA Trustpoint configuration
mode.
Starts the enrollment process with the CA.
Where trustpoint is the same as the value you
entered for trustpoint_name in
When the trustpoint is configured for manual
enrollment (enroll terminal command), the
adaptive security appliance writes a
base-64-encoded PKCS10 certification request
to the console and then displays the CLI prompt.
Copy the text from the prompt.
Submit the certificate request to the CA, for
example, by pasting the text displayed at the
prompt into the certificate signing request
enrollment page on the CA website.
When the CA returns the signed identity
certificate, proceed to
Imports the signed certificate received from the
CA in response to a manual enrollment request.
Where trustpoint specifies the trustpoint you
created in
Step
2.
The adaptive security appliance prompts you to
paste the base-64 formatted signed certificate
onto the terminal.
Authenticates the third-party identity certificate
received from the CA. The identity certificate is
associated with a trustpoint created for the
remote enterprise.
The adaptive security appliance prompts you to
paste the base-64 formatted identity certificate
from the CA onto the terminal.
Step
2.
Step 8
in this procedure.
OL-20339-01
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
