Cisco ASA 5505 User Manual
Page 1111
52-23
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 52 Configuring Cisco Intercompany Media Engine Proxy
Configuring Cisco Intercompany Media Engine Proxy
What to Do Next
Create the TLS proxy for the Cisco Intercompany Media Engine. See the
“Creating the TLS Proxy”
section on page 52-24
.
Step 4
hostname(config-ca-trustpoint)# keypair keyname
Example:
hostname(config-ca-trustpoint)# keypair local-ent-key
Specifies the key pair whose public key is to be
certified.
Step 5
hostname(config-ca-trustpoint)# enroll terminal
Specifies that you will use the “copy and paste”
method of enrollment with this trustpoint (also
known as manual enrollment).
Step 6
hostname(config-ca-trustpoint)# exit
Exits from the CA Trustpoint configuration
mode.
Step 7
hostname(config)# crypto ca enroll trustpoint
Example:
hostname(config)# crypto ca enroll remote-ent
%
% Start certificate enrollment ...
% The subject name in the certificate will be:
% cn=enterpriseA
% The fully-qualified domain name in the certificate will
@ be: ciscoasa
% Include the device serial number in the subject name?
[yes/no]: no
Display Certificate Request to terminal? [yes/no]: yes
Starts the enrollment process with the CA.
Where trustpoint is the same as the value you
entered for trustpoint_name in
Step 2
.
When the trustpoint is configured for manual
enrollment (enroll terminal command), the
ASA writes a base-64-encoded PKCS10
certification request to the console and then
displays the CLI prompt. Copy the text from the
prompt.
Submit the certificate request to the CA, for
example, by pasting the text displayed at the
prompt into the certificate signing request
enrollment page on the CA website.
When the CA returns the signed identity
certificate, proceed to
Step 8
in this procedure.
Step 8
hostname(config)# crypto ca import trustpoint certificate
Example:
hostname(config)# crypto ca import remote-ent certificate
Imports the signed certificate received from the
CA in response to a manual enrollment request.
Where trustpoint specifies the trustpoint you
created in
Step 2
.
The ASA prompts you to paste the base-64
formatted signed certificate onto the terminal.
Step 9
hostname(config)# crypto ca authenticate trustpoint
Example:
hostname(config)# crypto ca authenticate remote-ent
Authenticates the third-party identity certificate
received from the CA. The identity certificate is
associated with a trustpoint created for the
remote enterprise.
The ASA prompts you to paste the base-64
formatted identity certificate from the CA onto
the terminal.
Command
Purpose