Manually install an SSL certificate on my Cisco ASA 5500 VPN/Firewall

After your certificate request is approved, you can download your certificate from the SSL manager and install it on your Cisco Adaptive Security Appliance (ASA) 5500 VPN or firewall.

1. Find the directory on your server where certificate and key files are stored, then upload your intermediate certificate (gd_bundle.crt or similar) and primary certificate (.crt file with randomized name) into that folder.
2. Launch the Cisco ASDM (Adaptive Security Device Manager).
3. In the list of icons near the top of the screen, click Configuration.
4. On the left hand sidebar, click Remote Access VPN.
5. In the new panel on the left, click to expand Certificate Management and click CA Certificates.
6. On the right-hand side of the main panel, click Add.
7. For the Trustpoint Name, simply enter a name to easily identify your intermediate certificate at a later date.
8. Select the radio button to Install from a file and click Browse....
9. Select your recently uploaded gd_bundle.crt (or similar) file and click OK.
10. Click Install Certificate to install the intermediate certificate.
11. In the panel on the left, locate the expanded Certificate Management section and click Identity Certificates.
12. Select your recently installed intermediate certificate, which will show Not Available for Issued By and Pending for Expiry Date.
13. On the right-hand side of the main panel, click Install.
14. Select the radio button to Install from a file and click Browse....
15. Select your recently uploaded primary certificate (randomly named .crt file) and click OK.
16. Click Install Certificate.
17. Click OK to close the success message.
18. Back in the Cisco ASDM, find the panel on the left. Click to expand Advanced and click SSL Settings.
19. In the Certificates section, select the interface used to terminate WebVPN sessions and click Edit.
20. For Primary Enrolled Certificate, select your newly installed SSL from the drop down menu and click OK.
21. Click Apply to finalize the settings for WebVPN sessions that terminate on your selected interface.

Next step

• Use our Certificate Checker to confirm the SSL is installed.

More info

• Renewing your SSL certificate.

Note: As a courtesy, we provide information about how to use certain third-party products, but we do not endorse or directly support third-party products and we are not responsible for the functions or reliability of such products. Third-party marks and logos are registered trademarks of their respective owners. All rights reserved.