ASA’s Default Certificate
The ASA is going to use a self-signed digital certificate by default. It needs this to support an administrator connecting to the firewall to support the ASDM, and for the ability to support any SSL VPN clients that you will be configuring in a later chapter. The problem with a self-signed certificate is that no browsers or other devices will have the ASA listed as a trusted CA, and HTTPS connections to the ASA, such as an administrator who wants to run ASDM, will receive a warning message that the certificate is not trusted.
If you do not want to use a self-signed certificate, but instead want to use a certificate from a CA server on the Internet, you must install a root certificate (of the CA you are going to trust) ...
Get Santos:CCNA Sec 210-260 OCG now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
