Chapter 33 Configuring Certificates

CA Certificate Authentication

More Options... —For additional options for new certificates, click the More Options... button to display configuration options for new and existing certificates. See Configuration Options for CA Certificates.

Modes

The following table shows the modes in which this feature is available:

Firewall Mode

Security Context

 

 

 

 

 

 

 

 

 

Multiple

 

 

 

 

 

 

Routed

Transparent

Single

Context

System

 

 

 

 

 

 

 

 

 

 

Edit CA Certificate Configuration

To modify the characteristics of an existing certificate, select the certificate and click the Edit button to display a number of tab-selectable displays that address CA certificate configuration specifics. For details, see Configuration Options for CA Certificates.

Show CA Certificate Details

The Show Details button displays the Certificate Details dialog box, which shows the following information about the selected certificate:

General—Displays the values for type, serial number, status, usage, public key type, CRL distribution point, the times within which the certificate is valid, and associated certificates. This applies to both available and pending status.

Issued to— Displays the X.500 fields of the subject DN or certificate owner and their values. This applies only to available status.

Issued by—Displays the X.500 fields of the entity granting the certificate. This applies only to available status.

Request CRL

The Request CRL button updates the current version of the Certificate Revocation List (CRL). CRL update provides the current status of certificate users. If the request fails, an error message displays.

The CRL is generated and regenerated automatically until it expires; the Request CRL button forces an immediate CRL file update and regeneration.

Delete a CA Certificate

The Delete button immediately removes the selected CA Certificate configuration from the security appliance. Once you delete a certificate configuration, it cannot be restored; to recreate the deleted certificate, you must use the Add button to reenter the certificate configuration information from the beginning

Note Once you delete a certificate configuration, it cannot be restored.

 

 

Cisco Security Appliance Command Line Configuration Guide

 

 

 

 

 

 

OL-16647-01

 

 

33-3

 

 

 

 

 

Page 3
Image 3
Cisco Systems OL-16647-01 manual Edit CA Certificate Configuration, Show CA Certificate Details, Request CRL, 33-3