Asa Cisco Cert: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
Zeile 24: Zeile 24:
 
*ciscoasa(config)# ssl trust-point xinux-ca
 
*ciscoasa(config)# ssl trust-point xinux-ca
 
*ciscoasa(config)# ssl trust-point xinux-ca if-outside
 
*ciscoasa(config)# ssl trust-point xinux-ca if-outside
 
+
=Anzeigen der Zertifakate=
 +
*ciscoasa# show crypto ca certificates
 +
<pre>
 +
CA Certificate
 +
  Status: Available
 +
  Certificate Serial Number: 00e200f5a9c082c5a1
 +
  Certificate Usage: General Purpose
 +
  Public Key Type: RSA (2048 bits)
 +
  Signature Algorithm: SHA1 with RSA Encryption
 +
  Issuer Name:
 +
    cn=xin-ca
 +
    ou=it
 +
    o=xinux
 +
    l=zw
 +
    st=rlp
 +
    c=de
 +
  Subject Name:
 +
    cn=xin-ca
 +
    ou=it
 +
    o=xinux
 +
    l=zw
 +
    st=rlp
 +
    c=de
 +
  CRL Distribution Points:
 +
    [1]  http://www.xinux.de/ca/xin-ca.crl
 +
  Validity Date:
 +
    start date: 12:55:09 MEST Oct 2 2015
 +
    end  date: 12:55:09 MEST Sep 29 2025
 +
  Associated Trustpoints: xinux-ca
 +
             
 +
Certificate 
 +
  Status: Available
 +
  Certificate Serial Number: 17
 +
  Certificate Usage: General Purpose
 +
  Public Key Type: RSA (2048 bits)
 +
  Signature Algorithm: SHA1 with RSA Encryption
 +
  Issuer Name:
 +
    cn=xin-ca
 +
    ou=it   
 +
    o=xinux 
 +
    l=zw     
 +
    st=rlp   
 +
    c=de     
 +
  Subject Name:
 +
    cn=asa.xinux.org
 +
    ou=it   
 +
    o=xinux 
 +
    l=zw     
 +
    st=rlp   
 +
    c=de     
 +
  Validity Date:
 +
    start date: 12:17:50 MET Feb 17 2016
 +
    end  date: 12:17:50 MET Feb 14 2026
 +
  Associated Trustpoints: xinux-ca
 +
</pre>
  
 
=Links=
 
=Links=
 
*http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/access_certs.html
 
*http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/access_certs.html

Version vom 18. Februar 2016, 15:37 Uhr

Vorbereitung auf Linuxclient

Zertifikat base64 kodieren

root@rome:/var/ssl/ca# base64 asa.xinux.org.p12 

MIIOYQIBAzCCDicGCSqGSIb3DQEHAaCCDhgEgg4UMIIOEDCCCMcGCSqGSIb3DQEHBqCCCLgwggi0
AgEAMIIIrQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIQ2tZmeaU3QICAggAgIIIgDVwud5w
...
PehaszElMCMGCSqGSIb3DQEJFTEWBBSCs+yHYNuyMvqmidxthKtkBG87EzAxMCEwCQYFKw4DAhoF
AAQUvFzIoZIxqy9wcM8+GviY5SSBWK0ECAb59v8IkE7MAgIIAA==
  • ciscoasa(config)# crypto ca import xinux-ca pkcs12 wirbelwind
Enter the base 64 encoded pkcs12.
End with the word "quit" on a line by itself:

MIIOYQIBAzCCDicGCSqGSIb3DQEHAaCCDhgEgg4UMIIOEDCCCMcGCSqGSIb3DQEHBqCCCLgwggi0
AgEAMIIIrQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIQ2tZmeaU3QICAggAgIIIgDVwud5w
...
PehaszElMCMGCSqGSIb3DQEJFTEWBBSCs+yHYNuyMvqmidxthKtkBG87EzAxMCEwCQYFKw4DAhoF
AAQUvFzIoZIxqy9wcM8+GviY5SSBWK0ECAb59v8IkE7MAgIIAA==
quit

Zertifikat für den ASM freischalte

  • ciscoasa(config)# ssl trust-point xinux-ca
  • ciscoasa(config)# ssl trust-point xinux-ca if-outside

Anzeigen der Zertifakate

  • ciscoasa# show crypto ca certificates
CA Certificate
  Status: Available
  Certificate Serial Number: 00e200f5a9c082c5a1
  Certificate Usage: General Purpose
  Public Key Type: RSA (2048 bits)
  Signature Algorithm: SHA1 with RSA Encryption
  Issuer Name: 
    cn=xin-ca
    ou=it
    o=xinux
    l=zw
    st=rlp
    c=de
  Subject Name: 
    cn=xin-ca
    ou=it
    o=xinux
    l=zw
    st=rlp
    c=de
  CRL Distribution Points: 
    [1]  http://www.xinux.de/ca/xin-ca.crl
  Validity Date: 
    start date: 12:55:09 MEST Oct 2 2015
    end   date: 12:55:09 MEST Sep 29 2025
  Associated Trustpoints: xinux-ca 
              
Certificate   
  Status: Available
  Certificate Serial Number: 17
  Certificate Usage: General Purpose
  Public Key Type: RSA (2048 bits)
  Signature Algorithm: SHA1 with RSA Encryption
  Issuer Name: 
    cn=xin-ca 
    ou=it     
    o=xinux   
    l=zw      
    st=rlp    
    c=de      
  Subject Name:
    cn=asa.xinux.org
    ou=it     
    o=xinux   
    l=zw      
    st=rlp    
    c=de      
  Validity Date: 
    start date: 12:17:50 MET Feb 17 2016
    end   date: 12:17:50 MET Feb 14 2026
  Associated Trustpoints: xinux-ca

Links

Abgerufen von „http://wiki.ixheim.de/index.php?title=Asa_Cisco_Cert&oldid=8481