Contact us at |support@ssldragon.com
  • install an ssl certificate on cisco asa

How to install an SSL Certificate on Cisco ASA 5500 series?

Tuesday, March 5th, 2019

This comprehensive tutorial provides step by step instructions on how to generate a CSR code and install an SSL Certificate on Cisco ASA 5500 series. On top of that, you will also learn a few interesting facts about Cisco’s history, as well as discover the best place where you can buy affordable SSL Certificates.

If you’ve already generated the CSR code elsewhere, you can skip the first part and jump straight to the installation instructions.

Generate a CSR code on Cisco ASA 5500 series
Install an SSL Certificate on Cisco ASA 5500 series
Test your SSL installation
Cisco Adaptive Security Appliance history and versions
Where to buy the best SSL Certificate for Cisco ASA 5500 series?

Generate a CSR code on Cisco ASA 5500 series

Generating a CSR (Certificate Signing Request) code is an essential part of your SSL application process. The CSR code is a block of encoded text containing your contact data. Your CA (Certificate Authority) will use this information to verify your identity and sing your SSL Certificate. Here’s how to create a CSR code on Cisco ASA 5500 series:

  1. Log into your Cisco Adaptive Security Device Manager (ASDM), click on Configuration and then on Device Management
  2. Expand the Certificate Management tree, and then select Identity Certificates. Click Add
  3. In the Add Identity Certificate window, check the Add a new identity certificate radio button, and click New, next to Key Pair
  4. In the Add Key Pair window, select Enter new key pair name, and write any name for the key pair. Click Generate Now to create your key pair
  5. Next, in the Add Identity Certificate window, next to Certificate Subject DN click Select
  6. In the Certificate Subject DN window, select an attribute from the drop-down list and assign the appropriate value by clicking Add. Please follow the examples below:
    • CN: provide the FQDN (fully qualified domain name) through which the firewall will be accessed. For instance, yoursite.com
    • OU: specify the organizational unit in charge of web security an SSL management. For example, IT
    • O: type the full name of your organization. For instance, GPI Holding LLC
    • C: write your country’s two-letter code. For example, US. Click here to find more codes
    • ST: name the state where your organization is located. For instance, California
    • L: name the city where your organization is registered. For instance, San Jose
  7. Double-check the info you’ve just entered and click OK
  8. Next, In the Add Identity Certificate window, click Advanced
  9. In the FQDN box, enter the fully-qualified domain name through which the device will be accessed externally, or the same FQDN you’ve added to the CN value in step 6
  10. Click OK and then hit the Add Certificate button
  11. Save your CSR code as a text file. You can use any text editor such as Notepad, for example.

That’s it! Now, you can use your CSR code during the SSL order process. After your CA signs your SSL Certificate and sends the relevant files to your inbox, you can proceed with the installation.

Install an SSL Certificate on Cisco ASA 5500 series

Your very first step is to prepare all your SSL Certificate files. You should receive a ZIP Archive from your CA with the primary and intermediate certificates inside.

  1. Download and extract the SSL Certificate files
  2. Use a plain text editor such as Notepad and copy the contents of your primary SSL certificate into a text file (.text extension). Don’t forget to also copy the —– BEGIN CERTIFICATE—– and —–END CERTIFICATE—– tags
  3. Now repeat the action of step 2 for your intermediate certificate

    Note: If your CA requires two intermediate certificates, for best browser compatibility, you need to copy them within own corresponding .crt files and install them one at a time.

  4. Next, you have to install the intermediate certificate. Log into your ASDM account and go to Configuration > Device Management
  5. Expand the Certificates Management tree and click on CA Certificates
  6. Now, click Add
  7. In the newly opened window, you can either click Browse to import your intermediate Certificate from your device, or alternatively, check the Paste Certificate in PEM format radio button, and copy the contents of your Intermediate CA cert manually. After you’re done, click Install Certificate
  8. Now it’s time to install your primary certificate. Go to Configuration > Device Management
  9. Expand the Certificates Management tree and click on CA Certificates
  10. Next, locate the identity certificate you created from the CSR generation and click Install
  11. In the Install Identity Certificate Window, specify the location and path of your SSL Certificate file
  12. Click Install. A dialog box will confirm the successful installation.

Configure your SSL Certificate on Cisco ASA 5500 series

  1. Go to Configuration > Device Management, and expand Advanced > SSL Settings
  2. Next, under Certificates, choose the interface used to determine WebVPN sessions
  3. In the Select SSL Certificate window, from the Primary Enrolled Certificate drop-down list, select the SSL Certificate you’ve just installed
  4. Click OK and then Apply

Congratulations, you’ve successfully added an SSL Certificate to Cisco ASA 5500 series.

Test your SSL installation

Browse the HTTPS version of your domain and check if the SSL green padlock is present. You can click on it and inspect your certificate’s details. To perform an extensive test, use these highly efficient SSL tools. They will scan your installation and provide instant reports.

Cisco ASA history and versions

Cisco Systems, Inc. is an American technology conglomerate, specializing in networking hardware and software. Founded in 1984, in San Francisco by Leonard Bosack and Sandy Lemer, Cisco System is now located in San Jose, California.

Cisco offers a wide range of products and services for the corporate market, small businesses, and home users.

Cisco ASA (Adaptive Security Appliance) software is a proven firewall and network security platform with the following features:

  • Integrated IPS, VPN, and Unified Communications Capabilities
  • Collaboration between physical and virtual devices
  • Dynamic routing and site-to-site VPN on a per-context basis
  • High-performance, multi-site, multi-node clustering

Listed below are all the versions of Cisco ASA 5500 series:

  • Cisco ASA 5500
  • Cisco ASA 5505
  • Cisco ASA 5510
  • Cisco ASA 5520
  • Cisco ASA 5540
  • Cisco ASA 5550
  • Cisco ASA 5580

Where to buy the best SSL Certificate for Cisco ASA 5500 series?

SSL Dragon is your one-stop place for all your SSL needs. We’ve partnered with the most trusted Certificate Authorities in the industry to offer you affordable SSL products. All our certificates are compatible with the Cisco ASA 5500 series. Whether you want to protect a personal or corporate website, we’ve got you covered. Below, you will find the types of SSL certificates available at SSL Dragon:

You can pick the ideal SSL Certificate for your project and budget with the help of our powerful SSL Wizard and Certificate Filter tools. The first tool will find the best SSL Certificate for your website and budget, while the second one will sort and compare various certificates by price, validation, and features.

If you find any inaccuracies, or you have details to add to these SSL installation instructions, please feel free to send us your feedback at [email protected]. Your input would be greatly appreciated! Thank you.