Filter
Top Products
30-27
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 30 Managing Remote Access VPNs on ASA and PIX 7.0+ Devices
Understanding SSL VPN Server Verification (ASA)
Using the Trustpool Manager
Use the Trustpool Manager to manage the certificates that are included in the trustpool. The Trustpool
Manager provides the following functions:
• Updating the trustpool
• Importing a certificate bundle
• Exporting a certificate bundle
• Removing certificates from the trustpool
Navigation Path
(Device View only) Select an ASA device, select Remote Access VPN > Trusted Pool from the Policy
selector, and then click Launch Trustpool Manager.
Updating the Trustpool
The trustpool should be updated if either of the following conditions exists:
• Any certificate in the trustpool is due to expire or has been re-issued.
• The published CA certificate bundle contains additional certificates that are required by a specific
application.
To update the certificates in the trustpool, click Refresh Certificates.
Importing a Certificate Bundle
You can import individual certificates or bundles of certificates from a variety of locations in one of the
following formats:
• x509 certificates in DER format wrapped in a pkcs7 structure
• a file of concatenated x509 certificates in PEM format (complete with PEM header)
To import a certificate or bundle:
1. Click Import Bundle.
2. Select the location of the bundle:
–
Import from Cisco published signed root file distribution—Select this option to import from
the published distribution site.
–
Import from a URL—If the bundle is hosted on a server, select this option, select the protocol
from the list, and enter the URL in the box.
–
Bundle file on device—If the bundle is stored on the ASA flash file system, select this option
and then enter the path to the bundle.
Launch Trustpool Manager Launches the Trustpool Manager, which is used to manage Trustpool
certificates. You can use the Trustpool Manager to perform the
following:
For more information, see Using the Trustpool Manager, page 30-27.
Table 30-12 Trusted Pool Page (Continued)
Element Description