Cisco ASA 5505 Configuration Manual page 746

Configuring Identity Certificates Authentication
Enter the passphrase used to encrypt the PKCS12 file for export.
Step 4
Confirm the encryption passphrase.
Step 5
Click Export Certificate to export the certificate configuration.
Step 6
An information dialog box appears, informing you that the certificate configuration file has been
successfully exported to the location that you specified.
Generating a Certificate Signing Request
Entrust supports a key modulus size of 1024 only. Consult Entrust if you are using any other value.
Note
To generate a certificate signing request to send to Entrust, perform the following steps:
Step 1 Click Enroll ASA SSL VPN with Entrust to display the Generate Certificate Signing Request dialog
box.
In the Key Pair area, perform the following steps:
Step 2
a.
b.
c.
d.
In the Certificate Subject DN area, enter the following information:
Step 3
a.
b.
c.
In the Optional Parameters area, perform the following steps:
Step 4
a.
b.
c.
d.
e.
Enter additional fully qualified domain name information if the CA requires it.
Step 5
Click Generate Request to generate the certificate signing request, which you can then send to Entrust,
Step 6
or save to a file and send later.
The Enroll with Entrust dialog box appears, with the CSR displayed.
Cisco ASA 5500 Series Configuration Guide using ASDM
35-18
Choose one of the configured key pairs from the drop-down list.
Click Show to display the Key Details dialog box, which provides information about the selected
key pair, including date and time generated, usage (general or special purpose), modulus size, and
key data.
Click OK when you are done to close Key Details dialog box.
Click New to display the Add Key Pair dialog box. To continue, go to Step 8 of the
Importing an Identity Certificate" section on page
send it to the adaptive security appliance or save it to a file.
The FQDN or IP address of the adaptive security appliance.
The name of the company.
The two-letter country code.
Click Select to display the Additional DN Attributes dialog box.
Choose the attribute to add from the drop-down list, and then enter a value.
Click Add to add each attribute to the attribute table.
Click Delete to remove an attribute from the attribute table.
Click OK when you are done to close the Additional DN Attributes dialog box.
The added attributes appear in the Additional DN Attributes field.
Chapter 35 Configuring Digital Certificates
35-15. When you generate the key pair, you can
"Adding or
OL-20339-01