Cisco ASA 5505 Configuration Manual page 729

ASA 5500 Series

Cisco ASA 5500 Series Configuration Guide using ASDM (OL-20339-01)

Chapter 35: Configuring Digital Certificates

This chapter describes how to configure digital certificates and includes the following sections:

Information About Digital Certificates, page 35-1
Licensing Requirements for Digital Certificates, page 35-8
Configuring CA Certificate Authentication, page 35-9
Configuring Identity Certificates Authentication, page 35-14
Configuring Code Signer Certificates, page 35-20
Authenticating Using the Local CA, page 35-22
Managing the User Database, page 35-25
Managing User Certificates, page 35-28
Monitoring CRLs, page 35-28
Feature History for Certificate Management, page 35-29

Information About Digital Certificates

Digital certificates provide digital identification for authentication. A digital certificate includes information that identifies a device or user, such as the name, serial number, company, department, or IP address. CAs are trusted authorities that "sign" certificates to verify their authenticity, thereby guaranteeing the identity of the device or user. CAs issue digital certificates in the context of a PKI, which uses public-key or private-key encryption to ensure security.

For authentication using digital certificates, at least one identity certificate and its issuing CA certificate must exist on an adaptive security appliance. This configuration allows multiple identities, roots, and certificate hierarchies. The following types of digital certificates are available:

A CA certificate is used to sign other certificates. When it is self-signed, it is called a root certificate. A certificate that is issued by another CA certificate is called a subordinate certificate. For more information, see the "Configuring CA Certificate Authentication" section on page 35-9.

CAs also issue identity certificates, which are certificates for specific systems or hosts. For more information, see the "Configuring Identity Certificates Authentication" section on page 35-14.

Code-signer certificates are special certificates that are used to create digital signatures to sign code, with the signed code itself revealing the certificate origin. For more information, see the "Configuring Code Signer Certificates" section on page 35-20.
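
The certificate types described above can be told apart from fields in the certificates themselves. The script below is an added example, not part of the Cisco guide: it uses the OpenSSL command line (an assumption; the guide configures certificates through ASDM) to build a constructed root CA, subordinate CA, identity certificate and code-signer certificate, classify each one, and check that the identity certificate verifies only when its issuing CA certificate is present. The function names issue, cert_type and chain_ok, and every subject and path, are made up for the example.

```shell
#!/bin/sh
# Added example; every name, subject and path below is constructed.
set -e
W=$(mktemp -d); trap 'rm -rf "$W"' EXIT
cat > "$W/ext.cnf" <<'EOF'
[root]
basicConstraints=critical,CA:TRUE
[sub]
basicConstraints=critical,CA:TRUE,pathlen:0
[host]
basicConstraints=critical,CA:FALSE
extendedKeyUsage=serverAuth
[signer]
basicConstraints=critical,CA:FALSE
extendedKeyUsage=codeSigning
EOF

issue() {  # issue NAME CN SECTION [ISSUER]; no ISSUER means self-signed
  openssl req -new -newkey rsa:2048 -nodes -keyout "$W/$1.key" \
    -subj "/O=Example Corp/CN=$2" -out "$W/$1.csr" 2>/dev/null
  if [ -n "${4:-}" ]; then
    signer="-CA $W/$4.pem -CAkey $W/$4.key -CAcreateserial"
  else
    signer="-signkey $W/$1.key"
  fi
  openssl x509 -req -in "$W/$1.csr" $signer -days 1 -extfile "$W/ext.cnf" \
    -extensions "$3" -out "$W/$1.pem" 2>/dev/null
}

cert_type() {  # map a PEM certificate to the categories used in the text
  text=$(openssl x509 -in "$1" -noout -text)
  if printf '%s\n' "$text" | grep -q 'CA:TRUE'; then
    # subject name equals issuer name: self-issued, the root of this hierarchy
    if [ "$(openssl x509 -in "$1" -noout -subject_hash)" = \
         "$(openssl x509 -in "$1" -noout -issuer_hash)" ]; then
      echo root-ca; else echo subordinate-ca; fi
  elif printf '%s\n' "$text" | grep -q 'Code Signing'; then
    echo code-signer
  else
    echo identity
  fi
}

chain_ok() {  # chain_ok CERT [ISSUING-CA]: does CERT verify up to the root?
  openssl verify -CAfile "$W/root.pem" ${2:+-untrusted} ${2:+"$2"} "$1" >/dev/null 2>&1
}

issue root "Example Root CA" root
issue sub "Example Issuing CA" sub root
issue host "vpn.example.com" host sub
issue signer "Example Code Signing" signer sub
for c in root sub host signer; do printf '%-7s %s\n' "$c" "$(cert_type "$W/$c.pem")"; done
```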


This manual is also suitable for: ASA 5510, ASA 5540, ASA 5520, ASA 5550, ASA 5580
