Asa Cisco Cert: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
 
Zeile 24: Zeile 24:
 
*ciscoasa(config)# ssl trust-point xinux-ca
 
*ciscoasa(config)# ssl trust-point xinux-ca
 
*ciscoasa(config)# ssl trust-point xinux-ca if-outside
 
*ciscoasa(config)# ssl trust-point xinux-ca if-outside
 +
=Anzeigen der Trustpoints=
 +
*ciscoasa# show crypto ca trustpoints
 +
<pre>
 +
Trustpoint xinux-ca:
 +
    Subject Name:
 +
    cn=xin-ca
 +
    ou=it
 +
    o=xinux
 +
    l=zw
 +
    st=rlp
 +
    c=de
 +
          Serial Number: 00e200f5a9c082c5a1
 +
    Certificate configured.
 +
</pre>
 +
 +
 
=Anzeigen der Zertifakate=
 
=Anzeigen der Zertifakate=
 
*ciscoasa# show crypto ca certificates  
 
*ciscoasa# show crypto ca certificates  

Aktuelle Version vom 18. Februar 2016, 15:38 Uhr

Vorbereitung auf Linuxclient

Zertifikat base64 kodieren

root@rome:/var/ssl/ca# base64 asa.xinux.org.p12 

MIIOYQIBAzCCDicGCSqGSIb3DQEHAaCCDhgEgg4UMIIOEDCCCMcGCSqGSIb3DQEHBqCCCLgwggi0
AgEAMIIIrQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIQ2tZmeaU3QICAggAgIIIgDVwud5w
...
PehaszElMCMGCSqGSIb3DQEJFTEWBBSCs+yHYNuyMvqmidxthKtkBG87EzAxMCEwCQYFKw4DAhoF
AAQUvFzIoZIxqy9wcM8+GviY5SSBWK0ECAb59v8IkE7MAgIIAA==
  • ciscoasa(config)# crypto ca import xinux-ca pkcs12 wirbelwind
Enter the base 64 encoded pkcs12.
End with the word "quit" on a line by itself:

MIIOYQIBAzCCDicGCSqGSIb3DQEHAaCCDhgEgg4UMIIOEDCCCMcGCSqGSIb3DQEHBqCCCLgwggi0
AgEAMIIIrQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIQ2tZmeaU3QICAggAgIIIgDVwud5w
...
PehaszElMCMGCSqGSIb3DQEJFTEWBBSCs+yHYNuyMvqmidxthKtkBG87EzAxMCEwCQYFKw4DAhoF
AAQUvFzIoZIxqy9wcM8+GviY5SSBWK0ECAb59v8IkE7MAgIIAA==
quit

Zertifikat für den ASM freischalte

  • ciscoasa(config)# ssl trust-point xinux-ca
  • ciscoasa(config)# ssl trust-point xinux-ca if-outside

Anzeigen der Trustpoints

  • ciscoasa# show crypto ca trustpoints
Trustpoint xinux-ca:
    Subject Name: 
    cn=xin-ca
    ou=it
    o=xinux
    l=zw
    st=rlp
    c=de
          Serial Number: 00e200f5a9c082c5a1
    Certificate configured.


Anzeigen der Zertifakate

  • ciscoasa# show crypto ca certificates
CA Certificate
  Status: Available
  Certificate Serial Number: 00e200f5a9c082c5a1
  Certificate Usage: General Purpose
  Public Key Type: RSA (2048 bits)
  Signature Algorithm: SHA1 with RSA Encryption
  Issuer Name: 
    cn=xin-ca
    ou=it
    o=xinux
    l=zw
    st=rlp
    c=de
  Subject Name: 
    cn=xin-ca
    ou=it
    o=xinux
    l=zw
    st=rlp
    c=de
  CRL Distribution Points: 
    [1]  http://www.xinux.de/ca/xin-ca.crl
  Validity Date: 
    start date: 12:55:09 MEST Oct 2 2015
    end   date: 12:55:09 MEST Sep 29 2025
  Associated Trustpoints: xinux-ca 
              
Certificate   
  Status: Available
  Certificate Serial Number: 17
  Certificate Usage: General Purpose
  Public Key Type: RSA (2048 bits)
  Signature Algorithm: SHA1 with RSA Encryption
  Issuer Name: 
    cn=xin-ca 
    ou=it     
    o=xinux   
    l=zw      
    st=rlp    
    c=de      
  Subject Name:
    cn=asa.xinux.org
    ou=it     
    o=xinux   
    l=zw      
    st=rlp    
    c=de      
  Validity Date: 
    start date: 12:17:50 MET Feb 17 2016
    end   date: 12:17:50 MET Feb 14 2026
  Associated Trustpoints: xinux-ca

Links

Abgerufen von „http://wiki.ixheim.de/index.php?title=Asa_Cisco_Cert&oldid=8482