Let’s Encrypt SSL Certificate for Cisco AnyConnect VPN

Follow the steps below to apply a Let’s Encrypt SSL certificate to Cisco AnyConnect VPN.

  1. Applied Let’s Encrypt SSL Certificate for Cisco AnyConnect VPN

Convert the PFX file to base64 using MobaXterm

openssl base64 -in cert.pfx > cert.base64

#View the content of cert.base64
cat cert.base64

Import the Let’s Encrypt SSL Wildcard Certificate to Cisco ASA

crypto ca import star.aventistech.info pkcs12 XXXXX (XXXXX is the password used to open the PFX file)

Enter the base 64 encoded pkcs12.
End with the word "quit" on a line by itself:

PASTE ALL CONTENT FROM THE OUTPUT FROM CAT CERT.BASE64

quit
INFO: Import PKCS12 operation completed successfully

Verify that the Let’s Encrypt certificate was installed successfully, and note the name of the trustpoint

sh crypto ca certificates

 OCSP AIA:
    URL: http://ocsp.int-x3.letsencrypt.org
  Validity Date:
    start date: 16:03:42 MYT Sep 4 2018
    end   date: 16:03:42 MYT Dec 3 2018
  Storage: config
  Associated Trustpoints: star.aventistech.info

Assign the Let’s Encrypt certificate to the outside interface

ssl trust-point star.aventistech.info outside

Log in via https://sslvpn.aventistech.info, and you should see that the Let’s Encrypt certificate is installed
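
The PFX-to-base64 conversion step above can be wrapped in a pre-import check, shown here as an added example that is not part of the original post. The function name prepare_asa_pkcs12, the password file and the 7-day expiry threshold are assumptions.

```shell
#!/usr/bin/env bash
# Added example. prepare_asa_pkcs12, the password file and the 7-day
# threshold are assumptions, not taken from the original post.
#
# Usage: prepare_asa_pkcs12 <cert.pfx> <password-file> <cert.base64>
# Exit codes: 0 ok, 1 PFX/password problem, 2 expiring soon, 3 bad encoding.
prepare_asa_pkcs12() {
    local pfx="$1" passfile="$2" out="$3" leaf
    leaf=$(mktemp) || return 1

    # 1. Confirm the password opens the PFX and pull out the leaf certificate.
    #    -passin file: keeps the password out of the process list and history.
    if ! openssl pkcs12 -in "$pfx" -passin "file:$passfile" -nokeys -clcerts \
            2>/dev/null | openssl x509 -out "$leaf" 2>/dev/null; then
        echo "error: cannot read a certificate from $pfx" >&2
        rm -f "$leaf"; return 1
    fi

    # 2. Refuse a certificate that expires within 7 days (604800 seconds).
    if ! openssl x509 -in "$leaf" -noout -checkend 604800 >/dev/null; then
        echo "error: certificate expires within 7 days, renew it first" >&2
        rm -f "$leaf"; return 2
    fi
    # Show what is about to be imported so the trustpoint can be checked later.
    openssl x509 -in "$leaf" -noout -subject -enddate >&2
    rm -f "$leaf"

    # 3. Encode, then prove the text decodes back to the original bytes.
    #    The output wraps the private key, so keep it owner-readable only.
    openssl base64 -in "$pfx" -out "$out" || return 1
    chmod 600 "$out"
    if ! openssl base64 -d -in "$out" | cmp -s - "$pfx"; then
        echo "error: base64 round trip does not match $pfx" >&2
        rm -f "$out"; return 3
    fi
}

# Run as a script: ./prepare.sh cert.pfx pass.txt cert.base64
if [ "$#" -eq 3 ]; then
    prepare_asa_pkcs12 "$@"
fi
```

Delete cert.base64 and the password file once the ASA reports that the import completed, since both relate to the private key.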
