Evil_TTL> show | s

ASA Self Signed Certificate

Category:Cisco Systems -> Security

Generating self-signed certificate for ASA is truly a piece of cake and may be useful to save your time.

It’s very important to set the correct time and the best way to do this is enter the command to use NTP server. For example:

ntp server 

Then continue with the following configuration:

hostname  asa
-name company.local

crypto key generate rsa label sslvpnkeypair  modulus 1024
crypto ca trustpoint self
     enroll self
      fqdn asa
-name CN=asa.company.local
      keypair sslvpnkeypair
crypto ca enroll self noconfirm
ssl trust
-point self outside 

This is it! We have just generated a self-signed certificate for ASA.

By privilege15