Export an Identity Certificate
You can export and import the keypair and issued certificates associated with a trustpoint in PKCS12 or PEM format. This format is useful to manually duplicate a trustpoint configuration on a different ASA.
Procedure
Step 1 | In the navigation menu, click . |
Step 2 | Click the Devices tab. |
Step 3 | Click the ASA. |
Step 4 | Select the ASA device and in the Management on the right, click Trustpoints. |
Step 5 | Click the identity certificate to export the certificate configuration. Alternatively, you can search for the certificate by entering its name in the search field. |
Step 6 | In the Actions pane on the right, click Export Certificate. |
Step 7 | Choose the certificate format by clicking the PKCS12 Format or the PEM Format. |
Step 8 | Enter the encryption passphrase used to encrypt the PKCS12 file for export. |
Step 9 | Confirm the encryption passphrase. |
Step 10 | Click Export to export the certificate configuration. An information dialog box appears, informing you that the certificate configuration file has been successfully exported to the location that you specified. |
What to do next
-
To decode certificate in base64 format:
openssl base64 -d -in <file_name>.p12 -out <file_name>_b64.p12
-
To view certificate:
openssl pkcs12 -in <file_name>_b64.p12 -passin pass:<password>