Configuring the issuer name, Configuring the ca certificate lifetime – Cisco ASA 5505 User Manual

41-28

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 41 Configuring Digital Certificates

Configuring Digital Certificates

Configuring the Issuer Name

To configure the certificate issuer name, perform the following steps:

Configuring the CA Certificate Lifetime

To configure the local CA server certificate lifetime, perform the following steps:

Command

Purpose

Step 1

crypto ca server

Example:

hostname (config)# crypto ca server

Enters local CA server configuration mode. Allows
you to configure and manage a local CA.

Step 2

issuer-name

DN-string

Example:

hostname (config-ca-server)# issuer-name

CN=xx5520,CN=30.132.0.25,ou=DevTest,ou=QA,O=ABC

Systems

Specifies the local CA certificate subject name. The
configured certificate issuer name is both the subject
name and issuer name of the self-signed local CA
certificate, as well as the issuer name in all issued
client certificates and in the issued CRL. The default
issuer name in the local CA is in the format,
hostname.domainname.

Note

You cannot change the issuer name value after
the local CA is first enabled.

Command

Purpose

Step 1

crypto ca server

Example:

hostname (config)# crypto ca server

Enters local CA server configuration mode. Allows
you to configure and manage a local CA.