SSL Certificate Installation for Cisco ASA 5500 VPN

Installing your SSL Certificate in the Adaptive Security Device Manager (ASDM)

For SSL Installation instructions showing the GUI please see
Cisco ASA 5520 SSL Installation Instructions.

  1. Download your Intermediate and Primary Certificate files (the DigiCertCA.crt and your_domainname_com.crt) from your DigiCert Customer Account to the directory where you will keep your certificate files.
  2. In ASDM select “Configuration” and then “Device Management.”
  3. Expand “Certificate Management” and select “CA Certificates” and then “Add.”
  4. With the option selected to “Install from a file,” browse to the DigiCertCA.crt file and then click the “Install Certificate” button at the bottom of the “Install Certificate” window.

    Your Intermediate (or chain) certificate file is now installed. You will now need to install the your_domainname_com.crt file.

  5. In ASDM select “Configuration” and then “Device Management.”
  6. Expand “Certificate Management” and select “Identity Certificates.”
  7. Select the appropriate identity certificate from when your CSR was generated (the “Issued By” field should show as not available and the “Expiry Date” field will show Pending…). Click the Install button.
  8. Browse to the appropriate identity certificate (the your_domainname_com.crt provided by DigiCert) and click “Install Certificate.”

NOTE: domainname_com.crt may need to be in the crt + private key format and you need to create the file using the cisco asa. Use the export function to create the proper file.

At this point you should receive confirmation that the certificate installation was successful.

Configuring WebVPN with ASDM to Use the New SSL Certificate

  1. In ASDM select “Configuration” and then “Device Management.”
  2. Click “Advanced” and then “SSL Settings.”
  3. From “Certificates,” choose the interface used to terminate WebVPN sessions, and then choose “Edit.”
  4. From the “Certificate” drop-down, select the newly installed certificate, then “OK,” and then “Apply.”

    Configuring your certificate for use with the selected kind of WebVPN session is now complete.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s