Cisco Cisco Content Security Management Appliance M380 Guía De Información

recommended to sign the certificate by a trusted Certification Authority (CA). Cisco does not
recommend a specific CA. For signing select "Download certificate signing request" on the GUI
of the ESA  and submit it to the trusted CA of choice. 

The CA signed certificate or the self signed certificate and the private key in .pem format, can be
imported now into the SMA . To learn how to do it, please read TechNote "How do I install
certificates on an SMA?" as refered below.

Instead of converting the certificate from .pfx into .pem you can simply save a configuration file
wihtout masking the passwords on the ESA. Open the XML file and search for the <certificate>
tag. You will find the certificate and private key already in PEM format. Copy the certificate and
private key for importing the same into the SMA as described in TechNote "How do I install
certificates on an SMA?" as refered below.

Note: If you go for option 2 and if you have the certificate signed by a CA you first need to
import the signed certificate back to the ESA before saving the configuration file for making a
copy of the certificate and private key. Import can be done by clicking on the certificate name
on ESA GUI and use option " Upload Signed Certificate".

Access the SMA GUI via HTTPS (https://<SMA IP or hostname>) and put in your credentials

1.

Next to the URL in the address bar on your browser, click the Lock icon and check validity of
the certificate, expiry, etc.

2.

Click on the Certification Path to check the chain of certificates

3.

●

●