To install a certificate into a Cisco ASA 5520 device, perform the following steps:
Copy the Intermediate CA certificate and paste it on a Notepad.
Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added.
Save the file as intermediate.crt
Click the Add button.
Assign a Trustpoint Name to the certificate (e.g. intermediate.crt), And select the Install from a file: radio button and browse to intermediate.crt. Click Install Certificate.
You should then see the Certificate listed with the Trustpoint Name you assigned to it.
To follow the naming convention for Cisco, rename the certificate filename with the .crt extension.
For example: public.crt
Under Remote Access VPN, expand Certificate Management > Identity Certificates.
Select the identity you created for the CSR with the Expiry Date shown as pending and click Install, select yourdomain_com.crt and click Install Certificate. Once installed the Expiry Date will no longer show 'Pending.'
The certificate now needs to be enabled. On the lower left, click Advanced > SSL Settings. Then, select the interface you want SSL enabled for and click Edit.
On the next screen, click the drop-down menu and for Primary Enrolled Certificate select your certificate then click OK.
The ADSM will then show your certificate details under trustpoint.
Verify your installation with the DigiCert Installation Checker
Cisco ASA 5520
For more information, see the Cisco Support website.