Ask a Question

How do I generate a Certificate Signing Request (CSR) file for Cisco ASA 5510?

Problem

Generate a Certificate Signing Request (CSR) file for Cisco ASA 5510

Solution

To generate a certificate signing request (CSR) for Cisco ASA 5510, perform the following steps:

Step 1:  Generate a key pair

  1. Within ASDM, click Configuration > Device Management
  2. Click Certificate Management > Identity Certificates > Add > Add a new identity certificate
  3. For the Key Pair, click New > Enter new key pair name
  4. Enter a unique key pair name for the certificate
  5. Select the key size as 2048
  6. To complete the generation of the key pair, click Generate Now

Step 2: Generate a certificate signing request (CSR) file

  1. To enter certificate information, click Select
  2. From the drop-down list, select the following attributes > enter value > click Add
    Note: The following fields are required: C (Country), St (State), L (Locality), O (Organization Name), OU (Organizational Unit), CN (Common Name)
  3. Once the appropriate values are added, click OK > Advanced
  4. In the FQDN field, enter the FQDN that will be used to access the device from the Internet: NOTE - If enrolling for a Subject Alternative Name certificate leave this field blank.
    Note: This value should be same FQDN you used for the Common Name (CN)
  5. Click OK Add Certificate > Browse
  6. Choose a name and location where to save the request file
     

This document uses an ASA 5510 that runs software version 8.0(2) and ASDM version 6.0(2).

For more information, refer to http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808b3cff.shtml