Posts

How to install a Godaddy SSL certificate on a Cisco ASA firewall

The first step in getting an SSL certificate for your Cisco ASA is to generate a CSR request.
1.  Open ASDM > Configuration > Device Management
2.  Certificate Management > Identity Certificates > Add
3.  Add a New Identity Certificate > New
4.  Click the “Enter new key pair name” radio button.  Enter your FQDN of your firewall (VPN.MyDomain.com)
5.  Change the size to 2048
6.  Click generate now.
7.  On the next screen choose the following attributes and fill in the values then click add.
CN = FQDN of your domain (vpn.MyDomain.com)
OU = Department of your business responsible (IT)
O = Legal name of organization
C = Country abbreviation (US)
ST = State abbreviation (AZ)
L = City (Scottsdale)
8.  Click ok once these are all added
9.  Click advanced
10.  In the FQDN type again your FQDN (Vpn.MyDomain.com)
11.  Click Ok and Add Certificate.
12.  You will be prompted to save this certificate to your PC which you should do.
13.  Login to your Godaddy account and copy and paste all the text from the CSR.
14.  Once you submit your CSR you can download the certificate to your PC in .crt format.
15.  Go back to the ASDM Certificate Management > Identity Certificates.  Select your previously generated CSR and click the install button.  Browse to the .crt file you were provided with from Godaddy.
16.  Now that you have installed the certificate you must tell the ASA to use it for SSL.  To do this in the Device Management on the ASA browse to advanced > SSL settings.
17.  Select the interface for your VPN clients and click edit.  Now select your new certificate
 
Congrats you should now be able to brose to your external web interface and see it is a trusted site!