INFO: Import PKCS12 operation completed successfully. The following example first configures a new trustpoint, then configures it for WebVPN Java object signing:Ĭiscoasa(config)# crypto ca import mytrustpoint pkcs12 mypassphraseĮnd with the word “quit” on a line by itself. You can obtain a PKCS12 bundle from a trusted CA authority or you can manuallyĬreate one from an existing X.509 certificate and an RSA private key using open source tools such as openssl.Īn uploaded certificate cannot be used to sign Java objects that are embedded with packages (for example, the CSD package). This is typically achieved by using theĬrypto ca import command to import a PKCS12 formatted bundle. To that certificate, and a certificate authority chain extending up to a root CA. For the java-trustpoint command, the given trustpoint must contain the X.509 certificate of the application signing entity, the RSA private key corresponding
The following table shows the modes in which you can enter the command:Ī trustpoint is a representation of a certificate authority (CA) or identity key pair. Specifies the trustpoint location configured by the crypto ca import command.īy default, a trustpoint for Java object signing is set to none.
Location, use the java-trustpoint command in webvpn configuration mode.To remove a trustpoint for Java object signing, use the no form of this command. To configure the WebVPN Java object signing facility to use a PKCS12 certificate and keying material from a specified trustpoint
0 kommentar(er)
