Cisco ASA 5505 Configuration Manual page 1029


Chapter 47
Configuring Cisco Intercompany Media Engine Proxy
Cisco ASA 5500 Series Configuration Guide using ASDM, OL-20339-01, page 47-23

optional task (Optional) Configuring TLS within the Local Enterprise, page 47-28. Performing that task
allows for secure TLS connections between the local Cisco UCM and the local adaptive security
appliance. The instructions in that task describe how to create trustpoints between the local Cisco UCM
and the local adaptive security appliance.

Prerequisites for Installing Certificates

To create a proxy certificate on the adaptive security appliance that is trusted by the remote entity, obtain
a certificate from a trusted CA or export it from the remote enterprise adaptive security appliance.

To export the certificate from the remote enterprise, enter the following command on the remote
adaptive security appliance:

hostname(config)# crypto ca export trustpoint identity-certificate

The adaptive security appliance displays the certificate in the terminal screen. Copy the
certificate from the terminal screen. You will need the certificate text in Step 5 of this task.

Procedure

To create the trustpoints and generate certificates, perform the following steps:

Step 1
Command:
hostname(config)# crypto key generate rsa label key-pair-label modulus size
Example:
hostname(config)# crypto key generate rsa label local-ent-key modulus 2048
Purpose:
On the local adaptive security appliance, creates the RSA keypair that can be used for the
trustpoints. This is the keypair and trustpoint for the local entity's signed certificate.
The modulus key size that you select depends on the level of security that you want to configure
and on any limitations imposed by the CA from which you are obtaining the certificate. The
larger the number that you select, the higher the security level will be for the certificate. Most
CAs recommend 2048 for the key modulus size; however:
Note: GoDaddy requires a key modulus size of 2048.

Step 2
Command:
hostname(config)# crypto ca trustpoint trustpoint_name
Example:
hostname(config)# crypto ca trustpoint local_ent
Purpose:
Enters the trustpoint configuration mode for the specified trustpoint so that you can create the
trustpoint for the local entity.
A trustpoint represents a CA identity and possibly a device identity, based on a certificate
issued by the CA. Maximum name length is 128 characters.
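
The commands in Steps 1 and 2 can be checked before they are pasted into the appliance. The following Python linter is an added example, not part of the Cisco manual: it flags RSA keys generated below the 2048-bit size named above, trustpoint names over the 128-character limit, and trustpoints not tied to a generated key. It assumes the keypair trustpoint subcommand, which belongs to a later step of this procedure and is not shown on this page; the finding codes and the sample input are constructed for illustration.

```python
import re

MIN_MODULUS = 2048   # key size used in the page's example and named for CAs
MAX_TP_NAME = 128    # maximum trustpoint name length stated on the page

PROMPT = re.compile(r"^\S+\(config[^)]*\)#\s*")   # e.g. hostname(config)#
KEYGEN = re.compile(r"crypto key generate rsa label (\S+) modulus (\d+)$")
TRUSTPOINT = re.compile(r"crypto ca trustpoint (\S+)$")
# Assumption: "keypair <label>" binds a key to the trustpoint (later step).
KEYPAIR = re.compile(r"keypair (\S+)$")

def lint(commands):
    """Return sorted (code, name) findings for a block of ASA commands."""
    keys, bound, current = {}, {}, None
    for raw in commands.splitlines():
        line = PROMPT.sub("", raw.strip())        # drop the CLI prompt
        if m := KEYGEN.match(line):
            keys[m.group(1)] = int(m.group(2))
            current = None
        elif m := TRUSTPOINT.match(line):
            current = m.group(1)
            bound.setdefault(current, None)
        elif (m := KEYPAIR.match(line)) and current:
            bound[current] = m.group(1)
    findings = [("weak-modulus", k) for k, bits in keys.items()
                if bits < MIN_MODULUS]
    for tp, label in bound.items():
        if len(tp) > MAX_TP_NAME:
            findings.append(("name-too-long", tp))
        if label is None:
            findings.append(("no-keypair", tp))       # no key bound at all
        elif label not in keys:
            findings.append(("unknown-keypair", tp))  # label never generated
    return sorted(findings)

# Constructed sample input, not taken from a real device.
SAMPLE = """\
hostname(config)# crypto key generate rsa label local-ent-key modulus 2048
hostname(config)# crypto key generate rsa label old-key modulus 1024
hostname(config)# crypto ca trustpoint local_ent
hostname(config-ca-trustpoint)# keypair local-ent-key
hostname(config-ca-trustpoint)# crypto ca trustpoint remote_ent
hostname(config-ca-trustpoint)# keypair missing-key
hostname(config-ca-trustpoint)# crypto ca trustpoint orphan
"""

if __name__ == "__main__":
    for code, name in lint(SAMPLE):
        print(f"{code}: {name}")
```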
