11-20
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 11 Configuring Security Manager Administrative Settings
Device Groups Page

Add Certificate Dialog Box

Use the Add Certificate dialog box to add device certificates manually for devices that use the SSL
transport protocol (firewall devices, FWSMs, ASAs, IPS devices, and Cisco IOS devices). Adding the
device certificates manually gives you the highest level of security because then an intruder is prevented
from introducing a fraudulent certificate thumbprint. Device certificates are stored in the database to be
used for device authentication.
For more information about manually adding SSL certificates, see Manually Adding SSL Certificates
for Devices that Use HTTPS Communications, page 9-4.
Navigation Path
Select Tools > Security Manager Administration, select Device Communication from the table of
content, and click Add Certificate.
Field Reference
Device Groups Page
Use the Device Groups page to manage the device groups and group types defined in the device
inventory.
Navigation Path
Select Tools > Security Manager Administration, then select Device Groups from the table of
contents.
Overwrite SSH Keys Whether Security Manager can overwrite the SSH key for a device
when it changes on the device. For SSH connections, a correct key is
required for successful communication.
Deselect this check box with caution, and only if you require a greater
level of security. Security Manager does not communicate with the
device if keys are changed on the device.
Save button Saves and applies changes.
Reset button Resets changes to the last saved values.
Restore Defaults button Resets values to Security Manager defaults.
Table11-9 Device Communication Page (Continued)
Element Description
Table11-10 Add Certificate Dialog Box
Element Description
Host Name or IP Address The hostname or IP address of the device for which you are adding the
certificate.
Certificate Thumbprint The certificate thumbprint, which is a string of hexadecimal digits that
is unique to the device.