
FWSM - FQDN (alternate name) - need IP AND DNS hostname, is this supported?

golly_wog
Level 1

Hi

On the FWSM I am trying to register a cert with a CA with an IP address AND hostname. I can register fine using either an IP address or DNS hostname, but can't do both:

ciscoasa(config-ca-trustpoint)# fqdn test,1.1.1.1

ERROR: Invalid domain name specified.

Name labels can only contain letters, digits or hypthens.

According to RFC 2459 I should be able to add more than one...

4.2.1.7  Subject Alternative Name

   The subject alternative names extension allows additional identities
   to be bound to the subject of the certificate.  Defined options
   include an Internet electronic mail address, a DNS name, an IP
   address, and a uniform resource identifier (URI).  Other options
   exist, including completely local definitions.  Multiple name forms,
   and multiple instances of each name form, may be included.

Can anyone tell me if it's only possible to add a single alternative name?

Cheers

1 Reply

Mohammad Alhyari
Cisco Employee

Hi,

With the ASA you can't do this; please see the following:

CSCso70867    ASA doesn't support SAN attributes for the enrollment request

The ASA will allow you to add the SAN to the CSR using the FQDN, but it still doesn't support multiple SANs. You can consider generating the CSR outbound using some CA that allows the use of multiple SANs.

As far as I know, this can't be done on the FWSM either.

Regards.
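One way to build a CSR away from the device so that it carries both a DNS name and an IP address in subjectAltName, as the RFC text quoted in the question allows. This is an added example using OpenSSL, not part of the original thread or of Cisco's tooling; the hostname `test.example.com`, the file names and the function names are assumptions, and getting the resulting key and certificate onto the device is not covered.

```shell
#!/bin/sh
# Added example: generate a key and a CSR with two SAN entries (DNS + IP),
# then read the SANs back so the request can be checked before submission.
# Hostname, IP and file names are constructed sample values.

make_san_csr() {
    # $1 = output directory, $2 = DNS name, $3 = IP address
    outdir=$1; dns=$2; ip=$3

    # One line per SAN under [alt_names]; add DNS.2, IP.2, ... for more names.
    cat > "$outdir/req.cnf" <<EOF
[req]
prompt = no
distinguished_name = dn
req_extensions = v3_req

[dn]
CN = $dns

[v3_req]
subjectAltName = @alt_names

[alt_names]
DNS.1 = $dns
IP.1 = $ip
EOF

    # umask 077 keeps the private key readable by its owner only.
    # -nodes leaves the key unencrypted on disk; protect or wrap it in real use.
    ( umask 077
      openssl req -new -newkey rsa:2048 -nodes \
          -keyout "$outdir/device.key" -out "$outdir/device.csr" \
          -config "$outdir/req.cnf" 2>/dev/null )
}

csr_sans() {
    # Print the subjectAltName entries requested in the CSR at $1.
    openssl req -in "$1" -noout -text |
        grep -A1 'Subject Alternative Name' | tail -n 1 | sed 's/^ *//'
}

workdir=$(mktemp -d)
make_san_csr "$workdir" test.example.com 1.1.1.1
csr_sans "$workdir/device.csr"
```

Whether both names survive into the issued certificate depends on the CA's policy, so inspect the certificate's SAN extension after issuance as well.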
