CHAPT ER
41-1
Cisco ASA 5500 Series Configuration Guide using the CLI
41
Configuring Digital Certificates
This chapter describes how to configure digital certificates and includes the following sections:
Information About Digital Certificates, page41-1
Licensing Requirements for Digital Certificates, page 41-7
Prerequisites for Local Certificates, page 41-7
Guidelines and Limitations, page41-8
Configuring Digital Certificates, page41-9
Monitoring Digital Certificates, page41-41
Feature History for Certificate Management, page41-43

Information About Digital Certificates

CAs are responsible for managing certificate requests and issuing digital certificates. A digital certificate
includes information that identifies a user or device, such as a name, serial number, company,
department, or IP address. A digital certificate also includes a copy of the public key for the user or
device. A CA can be a trusted third party, such as VeriSign, or a private (in-house) CA that you establish
within your organization.
Tip For an example of a scenario that includes certificate configuration and load balancing, see the following
URL: https://supportforums.cisco.com/docs/DOC-5964.
This section includes the following topics:
Public Key Cryptography, page41-2
Certificate Scalability, page41-2
Key Pairs, page41-2
Trustpoints, page41-3
Revocation Checking, page41-4
The Local CA, page 41-6