Wildcard SSL Installation Guide for Cisco ASA 5510 & Cisco ASA 5525

A step-by-step guide for installing a Wildcard SSL Certificate on Cisco ASA 5510 & 5525 Servers

Wildcard SSL Certificates are extremely versatile. As opposed to just covering a single domain, a Wildcard Certificate can cover both a root domain and all its associated Sub-Domains. For example, if you’re trying to cover your website, which we’ll name www.mydomain.com for this exercise, a Wildcard SSL Certificate could cover:

Your Base Domain:

  • www.mydomain.com

Plus, all accompanying Sub-Domains:

  • mail.mydomain.com
  • ftp.mydomain.com
  • blog.mydomain.com
  • vpn.mydomain.com

As we said, it’s a very versatile SSL Certificate.
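What a wildcard name covers is decided by the hostname-matching rule TLS clients apply (RFC 6125): the `*` stands for exactly one left-most label. The sketch below is an added example, not part of the original guide; the SAN list (including the bare `mydomain.com` entry, which assumes the CA added it as a second name) and the helper names `san_matches`, `covered` and `coverage_report` are constructed for illustration.

```python
"""Check which hostnames a wildcard certificate's SAN entries cover."""


def _labels(name):
    # DNS names are case-insensitive; a trailing dot is the root label.
    return name.rstrip(".").lower().split(".")


def san_matches(pattern, hostname):
    """Return True if one dNSName SAN entry covers hostname."""
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h) or "" in h:
        return False              # label counts must be equal, no empty labels
    if any("*" in label for label in p[1:]):
        return False              # a wildcard is only valid in the left-most label
    if p[0] == "*":
        # "*" replaces exactly one label and must sit in front of at least
        # two literal labels, so "*.com" never matches anything.
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in p[0]:
        return False              # partial wildcards such as "w*" are rejected
    return p == h


def covered(sans, hostname):
    """True if any SAN entry on the certificate covers hostname."""
    return any(san_matches(s, hostname) for s in sans)


def coverage_report(sans, hostnames):
    return {h: covered(sans, h) for h in hostnames}


# Constructed sample data: SAN entries as they might appear on the certificate.
SANS = ["*.mydomain.com", "mydomain.com"]
HOSTS = [
    "www.mydomain.com", "mail.mydomain.com", "vpn.mydomain.com",
    "mydomain.com",             # covered only because it is listed as its own SAN
    "asa1.vpn.mydomain.com",    # two labels deep: not covered by *.mydomain.com
    "vpn.otherdomain.com",
]

if __name__ == "__main__":
    for host, ok in coverage_report(SANS, HOSTS).items():
        print(f"{host:28} {'covered' if ok else 'NOT covered'}")
```

Run it against the names you plan to terminate on the ASA before ordering the certificate; any name reported as not covered needs its own SAN entry or a separate certificate.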

Today we’re going to cover how to install one on Cisco ASA 5510 and Cisco ASA 5525 servers. Let’s take a look:

1. Download the Root and Intermediate Certificates from your CA. Usually these will be available on the CA’s website or via email.

Note: For Cisco ASDM 6.3 and 6.1, you have to install both the Root and Intermediate Certificate before generating your RSA key.

2. Install the Root Certificate

    a. In ASDM, select Configuration, then Device Management
    b. Click Certificate Management, then select CA Certificates
    c. Select Add, then click Paste Certificate in PEM Format
    d. Paste the Root Certificate into the text field
    e. Click Install Certificate

3. Install the Intermediate Certificate

    a. In ASDM, select Configuration, then Device Management
    b. Click Certificate Management, then select CA Certificates
    c. Select Add, then click Paste Certificate in PEM Format
    d. Paste the Intermediate Certificate into the text field
    e. Click Install Certificate

4. Locate your SSL Certificate. Most CAs will email it directly to you or make it available on their web site.

    a. Copy and paste the certificate into a text file using Notepad
    b. Save the file as SSLCertificate.pem

5. Install your SSL Certificate

    a. Select Configuration and then click on Device Management
    b. Under Certificate Management, select Identity Certificates
    c. Select the certificate you created and click Install
    d. Choose Paste the Certificate Data in Base-64 Format
    e. Paste the Certificate into the text field
    f. Click Install Certificate

6. Activate your SSL Certificate

    a. Select Configuration and then choose Device Management
    b. Click Advanced and then expand SSL Settings
    c. Under Certificates, choose the interface you use to terminate WebVPN sessions
    d. Select Edit
    e. In the drop-down list, select the Certificate you just installed
    f. Click OK, then Apply

Congratulations! You’ve now installed your Wildcard SSL Certificate on Cisco ASA 5510 or Cisco ASA 5525.

1 comment
  • Nice explanation. Do you think the wildcard cert will work in a scenario where I have 3 ASAs that I want to use for AnyConnect, but I want the 3 of them to share the same domain, for example, vpn.lab.com? Via DNS we can have it resolve to the 3 public IPs of the ASAs.

Author

Patrick Nohe

Patrick started his career as a beat reporter and columnist for the Miami Herald before moving into the cybersecurity industry a few years ago. Patrick covers encryption, hashing, browser UI/UX and general cyber security in a way that’s relatable for everyone.