Firewall Wizards mailing list archives
Re: Digital certificate on asa 7 without CA
From: Skip Carter <skip () taygeta com>
Date: Thu, 14 Jun 2007 12:05:52 -0700
If I understand your plan, you will be using self-signed certificates for authentication. If so, I'd suggest you create a private CA (there are scripts that come with openssl for this) instead. Using self-signed certificates is not secure because they can be readily counterfieted. On Wed, 13 Jun 2007 08:12:18 +0200 "Youssef AGHARMINE" <YAG () d-fi fr> wrote:
Hi All, Does someone succeed to Get a VPN working between a Cisco client VPN and and ASA with certificate. I intended to generate my certificate with openssl (on linux machine ) and then to import certificate on the asa and also on client. My goal is to avoir pre-shared key by certificate, but I don't to have to enroll my certificate automatically.
-- Dr. Everett (Skip) Carter Phone: 831-641-0645 FAX: 831-641-0647 Taygeta Network Security Services email: skip () taygeta net 1340 Munras Ave., Suite 314 WWW: http://www.taygeta.net/ Monterey, CA. 93940 _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Digital certificate on asa 7 without CA Youssef AGHARMINE (Jun 14)
- Re: Digital certificate on asa 7 without CA Skip Carter (Jun 15)