Upload VPN Concentrator Certificates
Generate a certificate on the ASA when you set it up to support the VPN feature. Download the generated certificate to your PC or workstation and then upload it to using the procedure in this section. saves the certificate in the Phone-VPN-trust list.
The ASA sends this certificate during the SSL handshake, and the compares it against the values stored in the Phone-VPN-trust list.
The sends its Manufacturer Installed Certificate (MIC) by default. If you configure the CAPF service, the sends its Locally Significant Certificate (LSC).
To use device level certificate authentication, install the root MIC or CAPF certificate in the ASA, so that the are trusted.
To upload certificates to , use the Cisco Unified OS Administration.
Procedure
Step 1 |
From Cisco Unified OS Administration, choose . |
Step 2 |
Click Upload Certificate. The Upload Certificate dialog box appears. |
Step 3 |
From the Certificate Purpose drop-down list, choose Phone-VPN-trust. |
Step 4 |
Click Browse to choose the file that you want to upload. |
Step 5 |
Click Upload File. |