Friday, December 14, 2018

Updating Cisco ASA SSL cert from internal CA

I am trying to update the SSL certificate on my ASA 5510, but I need to do it from an internal CA. I have created the SSL cert and installed it onto the ASA, but I am getting an error when using ASDM to attempt to connect to it.

The error is "JNLPException[category: Download Error : Exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: Extended key usage does not permit use for TLS server authentication"

From my research, I need to change the certificate templates on my CA to include client authentication for automatic response, but can't find anywhere that actually tells me how to go about that... Thanks in advance for the help.



No comments:

Post a Comment