41-28
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter41 Configuring Digital Certificates
Configuring Digital Certificates
Configuring the Issuer Name
To configure the certificate issuer name, perform the following steps:
Configuring the CA Certificate Lifetime
To configure the local CA server certificate lifetime, perform the following steps:
Command Purpose
Step1 crypto ca server
Example:
hostname (config)# crypto ca server
Enters local CA server configuration mode. Allows
you to configure and manage a local CA.
Step2 issuer-name DN-string
Example:
hostname (config-ca-server)# issuer-name
CN=xx5520,CN=30.132.0.25,ou=DevTest,ou=QA,O=ABC
Systems
Specifies the local CA certificate subject name. The
configured certificate issuer name is both the subject
name and issuer name of the self-signed local CA
certificate, as well as the issuer name in all issued
client certificates and in the issued CRL. The default
issuer name in the local CA is in the format,
hostname.domainname.
Note You cannot change the issuer name value after
the local CA is first enabled.
Command Purpose
Step1 crypto ca server
Example:
hostname (config)# crypto ca server
Enters local CA server configuration mode. Allows
you to configure and manage a local CA.