Cisco ASA 5505 User Manual

41-32

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 41 Configuring Digital Certificates

Configuring Digital Certificates

Examples

The following example shows the list of local CA files that appear in flash memory or in external storage:

hostname (config-ca-server)# dir LOCAL* //

Directory of disk0:/LOCAL*

75 -rwx 32 13:07:49 Jan 20 2007 LOCAL-CA-SERVER.ser

77 -rwx 229 13:07:49 Jan 20 2007 LOCAL-CA-SERVER.cdb

69 -rwx 0 01:09:28 Jan 20 2007 LOCAL-CA-SERVER.udb

81 -rwx 232 19:09:10 Jan 20 2007 LOCAL-CA-SERVER.crl

72 -rwx 1603 01:09:28 Jan 20 2007 LOCAL-CA-SERVER.p12

127119360 bytes total (79693824 bytes free)

Step 3

crypto ca server

Example:

hostname (config)# crypto ca server

Enters local CA server configuration mode. Allows
you to configure and manage a local CA.

Step 4

database path

mount-name directory-path

Example:

hostname (config-ca-server)# database path

mydata:newuser

Specifies the location of mydata, the premounted
CIFS file system to be used for the local CA server
database. Establishes a path to the server and then
specifies the local CA file or folder name to use for
storage and retrieval. To return local CA file storage
to the ASA flash memory, use the no database path
command.

Note

To secure stored local CA files on an external
server requires a premounted file system of
file type CIFS or FTP that is
username-protected and password-protected.

Step 5

write memory

Example:

hostname (config)# write memory

Saves the running configuration.

For external local CA file storage, each time that you
save the ASA configuration, user information is
saved from the ASA to the premounted file system
and file location, mydata:newuser.

For flash memory storage, user information is saved
automatically to the default location for the start-up
configuration.

Command

Purpose