|  首頁
說明

SSL 憑證 說明

Generate a CSR (Certificate Signing Request) for my Cisco ASA 5500 VPN/Firewall

Before you request a certificate, use the Cisco Adaptive Security Device Manager (ASDM) to generate a Certificate Signing Request (CSR) for your Cisco Adaptive Security Appliance (ASA) 5500 VPN or firewall.

  1. Launch the Cisco ASDM (Adaptive Security Device Manager).
  2. In the list of icons near the top of the screen, click Configuration.
  3. On the left hand sidebar, click Remote Access VPN.
  4. In the new panel on the left, click to expand Certificate Management then click Identity Certificates.
  5. On the right-hand side of the main panel, click Add.
  6. For the Trustpoint Name, simply enter a name to easily identify your SSL at a later date.
  7. Select the radio button to Add a new identity certificate.
  8. To the right of Key Pair, click New....
  9. On the new window, select RSA for Key Type.
  10. Select the radio button for Enter new key pair name and enter a name to easily identify your SSL at a later date.
  11. With Size, select 2048 in the drop down menu.
  12. For Usage, select General purpose.
  13. Click Generate Now.
  14. Back on the Add Identity Certificate window, click Select... to the right of Certificate Subject DN.
  15. In the new window, you'll want to include your attributes by choosing an option from the Attribute drop down menu, typing in the Value and clicking Add>> for each item below:
  16. Attribute Description
    Common Name (CN) The fully-qualified domain name, or URL, you want to secure for connections to your firewall.
    Note: If you're requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com.
    Company Name (O) The legally-registered name for your business. If you're enrolling as an individual, enter the certificate requestor's name.
    Country (C) The two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.
    State (St) Name of the state where your organization is located. Do not abbreviate.
    Location (L) Name of the city where your organization is registered/located. Do not abbreviate.
  17. Click OK to confirm.
  18. Back on the Add Identity Certificate window, click Advanced....
  19. In the new window, fill out the field for FQDN with the same Common Name (CN) you used earlier.
  20. Click OK to confirm.
  21. Back on the Add Identity Certificate window, ensure the Enable CA flag in basic constraints extension remains checked.
  22. Click Add Certificate.
  23. In the prompt to save your CSR, click Browse....
  24. Choose a location where you wish to save the CSR with the .txt extension at the end of your file name. You'll need to open this newly created file to copy its contents for the next step.

Next step

After you create a CSR, you'll need to request your certificate. How you request a certificate is dependent on the type of certificate you have:

Type Next step
Standard Assurance SSL certificate Request an SSL certificate (Standard Assurance)
Deluxe or Extended Validation certificates Request an SSL certificate (Deluxe or Extended Validation)
Code or Driver Signing certificates Request code or driver signing certificates

More info

Note: As a courtesy, we provide information about how to use certain third-party products, but we do not endorse or directly support third-party products and we are not responsible for the functions or reliability of such products. Third-party marks and logos are registered trademarks of their respective owners. All rights reserved.


這篇文章有用嗎?
感謝您提供意見。 若要與客戶服務代表聯絡,請撥打支援中心電話號碼,或使用上方的對話選項。
很高興能幫上忙! 還有什麼可幫您的嗎?
很抱歉有這種情形。 請告訴我們您不了解的部分,或解決方案無法解決您問題的原因。