44-18
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter44 Configuring Digital Certificates
Configuring Identity Certificates Authentication
To add the ASA serial number to the certificate parameters, check the Include serial number of the
device check box.
Step21 Click the Enrollment Mode tab, and then enter the following information:
Choose the enrollment method by clicking the Request by manual enrollment radio button or the
Request from a CA radio button.
The enrollment URL of the certificate to be automatically installed through SCEP.
The maximum number of minutes allowed to retry installing an identity certificate. The default is
one minute.
The maximum number of retries allowed for installing an identity certificate. The default is zero,
which indicates an unlimited number of retries within the retry period.
Step22 Click the SCEP Challenge Password tab, and then enter the following information:
The SCEP password
The SCEP password confirmation
Step23 Click OK when you are done to close the Advanced Options dialog box.
Step24 Click Add Certificate in the Add Identity Certificate dialog box.
The new identity certificate appears in the Identity Certificates list.
Step25 Click Apply to save the new identity certificate configuration.
Showing Identity Certificate Details
To show detailed information about the selected identity certificate, click Show Details to display the
Certificate Details dialog box, which includes the following three display-only tabs:
The General tab displays the values for type, serial number, status, usage, public key type, CRL
distribution point, the times within which the certificate is valid, and associated trustpoints. The
values apply to both available and pending status.
The Issued to tab displays the X.500 fields of the subject DN or certificate owner and their values.
The values apply only to available status.
The Issued by tab displays the X.500 fields of the entity granting the certificate. The values apply
only to available status.
Deleting an Identity Certificate
To remove an identity certificate configuration, select it, and then click Delete.
Note After you delete a certificate configuration, it cannot be restored. To recreate the deleted
certificate, click Add to reenter all of the certificate configuration information.