Firewall Wizards mailing list archives

Re: Digital certificate on asa 7 without CA

From: Skip Carter <skip () taygeta com>
Date: Thu, 14 Jun 2007 12:05:52 -0700

If I understand your plan, you will be using self-signed certificates
for authentication.  If so, I'd suggest you create a private CA (there are
scripts that come with openssl for this) instead.  Using self-signed
certificates is not secure because they can be readily counterfieted.



On Wed, 13 Jun 2007 08:12:18 +0200
"Youssef AGHARMINE" <YAG () d-fi fr> wrote:

Hi All,

 

Does someone succeed to Get a VPN working between a Cisco client VPN and
and ASA with certificate.

I intended to generate my certificate with  openssl (on linux machine )
and then to import certificate on the asa and also on client.

My goal is to avoir pre-shared key by certificate, but I don't to have
to enroll my certificate automatically.




-- 
 Dr. Everett (Skip) Carter           Phone: 831-641-0645 FAX:  831-641-0647
 Taygeta Network Security Services   email: skip () taygeta net
 1340 Munras Ave., Suite 314         WWW: http://www.taygeta.net/
 Monterey, CA. 93940            









_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Digital certificate on asa 7 without CA Youssef AGHARMINE (Jun 14)
- Re: Digital certificate on asa 7 without CA Skip Carter (Jun 15)